Lastline Labs Blog

A Look at Advanced Targeted Attacks Through the Lense of a Human-Rights NGO, World Uyghur Congress

Posted by Dr. Engin Kirda ON Aug 12, 2014

In my capacity as an academic researcher at Northeastern University, I collaborated with computer scientists Stevens Le Blond, Adina Uritesc...

Exploit Analysis via Process Snapshotting

Posted by Roman Vasilenko ON Jul 29, 2014

In this third post in our blog series on process snapshotting (see previous posts on PlugX and Shiz’ code injection),...

Dissecting Payload Injection Using LLama Process Snapshots

Posted by Roman Vasilenko ON Jun 17, 2014

In our last blog-post on process snapshotting, we showed how process snapshots (or “dumps”) allow bridging the gap between dynamic...

An Analysis of PlugX Using Process Dumps from High-Resolution Malware Analysis

Posted by Roman Vasilenko ON Jun 5, 2014

Targeted attacks and so-called APTs (advanced persistent threats) come in many forms and colors. Very often, in-house malware analysis teams...

Analyzing an “Ultra-Advanced APT Tool” Using High-Resolution Dynamic Analysis

Posted by Clemens Kolbitsch ON May 30, 2014

Every AV I've tested is helpless against Violent Python attacks; the only good defense I've found is...

Detecting Keyloggers on Dynamic Analysis Systems

Posted by Clemens Kolbitsch ON May 28, 2014

Authored by: Kevin Hamacher, Dario Filho, Clemens Kolbitsch One notorious functionality present in many variants of today’s advanced malware is the ability...

Antivirus Isn’t Dead, It Just Can’t Keep Up

Posted by Giovanni Vigna ON May 21, 2014

Much has been said in recent weeks about the state of antivirus technology. To add facts to the debate, Lastline...

Analyzing a banking Trojan

Posted by Sebastian Poeplau ON Apr 17, 2014

In our effort to detect threats to the users of Android devices, we analyze a lot of malicious apps. This...

A Pipeline for Scalable Analysis Capability

Posted by Marco Cova ON Apr 16, 2014

An area where we spend quite some effort here at Lastline is scaling up our malware analysis capabilities, that is...

How To Build An Effective Malware Analysis Sandbox

Posted by Dr. Christopher Kruegel ON Mar 27, 2014

Automated malware analysis systems (or sandboxes) are one of the latest weapons in the arsenal of security vendors. Such systems...

Lastline Labs Blog

A Look at Advanced Targeted Attacks Through the Lense of a Human-Rights NGO, World Uyghur Congress

Exploit Analysis via Process Snapshotting

Dissecting Payload Injection Using LLama Process Snapshots

An Analysis of PlugX Using Process Dumps from High-Resolution Malware Analysis

Analyzing an “Ultra-Advanced APT Tool” Using High-Resolution Dynamic Analysis

Detecting Keyloggers on Dynamic Analysis Systems

Antivirus Isn’t Dead, It Just Can’t Keep Up

Analyzing a banking Trojan

A Pipeline for Scalable Analysis Capability

How To Build An Effective Malware Analysis Sandbox

Ransomware Network Communication [Part 3]

Ransomware: Too Overt to Hide [Part 2]

Ransomware Delivery Mechanisms [Part 1]

LATEST PRESS RELEASES

Lastline CEO Dr. Christopher Kruegel to Discuss Malware Analysis for Non-Windows Operating Systems at Black Hat USA

MEDIA MENTIONS

3 Biggest Cyber Security Mistakes By Employees, How To Protect Against Them

FROM THE BLOG

Avanti Breach – Does This Signify IoT Attacks Have Become Mainstream?