Lastline’s Top 10 Blogs of 2017

Lastline’s Top 10 Blogs of 2017

One could argue that cybercriminals had a real break-out year in 2017. Huge data breaches, new malware techniques, and some headline-grabbing attacks. Our top 10 blog posts demonstrate the interest in what the bad guys are up to, and how to defend against it. From the WannaCry attack to malware being downloaded from simply hovering over a link, to scriptlets embedded in Microsoft Office documents, the attacks, and our coverage of them, clearly captured many readers’ interest. Here is a short walk down memory lane as we provide our 10 most-read blog posts of 2017.


By Patrick Bedwell

WannaCry Ransomware – What We Know, and What You Can Do

Here is our summary of what we knew about the WannaCry attack that struck 150 countries (affecting over 200,000 systems) during May 2017.


By Patrick Bedwell

A Deep Dive into the NotPetya Ransomware Attack

Here is our summary of the NotPetya ransomware attack that started in Ukraine. The attack was widespread and did not appear to target any particular industry, region, or country.

Scriptlets Attack Abstract

By David Wells

 When Scriptlets Attack: Excel’s Alternative to DDE Code Execution

Lastline Labs discovered a malicious Office Excel file that appeared to have the ability to download and execute malware. Examining the file, researchers saw no evidence of macros, shellcode, or DDE functionality.

Targeted attacks HWP Example

By Alexander Sevtsov

Uncovering Nation-Specific, Targeted Attacks ( . . . without Knowing Korean)

These attackers exploit nation-specific applications to propagate malware.

Ransomware Delivery Mechanisms part 1 featured

By Alexander Sevtsov & Clemens Kolbitsch

Ransomware Delivery Mechanisms [Part 1]

Part 1 of this ransomware blog series looks into the delivery mechanisms for ransomware, which file types are commonly used for ransomware distribution, and how an infection typically takes place.

ransomware behavior part 2 featured

By Alexander Sevtsov & Clemens Kolbitsch

Ransomware: Too Overt to Hide [Part 2]

Part 2 of this ransomware blog series Lastline Labs dives into how ransomware works.

Intelligently Detect Network Compromises Featured

By Giovanni Vigna

From Trapping to Hunting: Intelligently Analyzing Anomalies to Detect Network Compromises

To detect network compromises, companies should use a hunting tool that collects, models, reports, presents, and expands the analysis.

same wolf malware evasion

By Arunpreet Singh

Malware Evasion Techniques: Same Wolf – Different Clothing

Lastline Labs explains how advanced malware detection systems can identify and defeat emerging malware evasion techniques.

Malicious Email

By Bert Rankin

Top 10 Malicious Email Threats

Malicious email authors can be clever and relentless . . . Cybercriminals use a variety of email-based attacks to deliver malware, lure victims to malicious websites, and steal login credentials.

hovering mouse

By Bert Rankin

 Malware Analysis—Mouse Hovering Can Cause Infection

The dangers of clicking on a link are well understood, but in this attack, merely hovering over the link can trigger the malware to load.

John Love

John Love

John Love has been in hi-tech marketing for over 30 years. After spending his first 18 years at Apple, he worked at Logitech and several startups, and has been in security since 2010.
John Love