Lastline Labs Blog

ModPOS: A Framework Lurking in Point-of-Sale System Kernels

Posted by Subrat Sarkar ON Apr 7, 2016

Authored by: Subrat Sarkar, Arunpreet Singh, and Clemens Kolbitsch Diving deeply into the ModPOS malware framework using sandbox process snapshotting Point-of-sale (POS)...

Three interesting changes in malware activity over the past year

Posted by Alexander Sevtsov ON Mar 31, 2016

Every day, our Lastline sensors observe millions of files that our customers download from the Internet or receive as email...

A Peek Behind the Cryptowall

Posted by Lastline ON Jan 28, 2016

Bridging static and dynamic analysis using Lastline process snapshotting Authored by: Arunpreet Singh and Dr. Christopher Kruegel ...

Defeating Darkhotel Just-In-Time Decryption

Posted by Lastline ON Nov 5, 2015

Authored by: Arunpreet Singh and Clemens Kolbitsch The use of runtime-packing of malware has long become the standard to defeat traditional AV products. At...

PathArmor: Practical ROP Protection Using Context-sensitive CFI

Posted by Lastline ON Nov 3, 2015

In October 2015, at the ACM CCS 2015 conference, my colleagues Dennis Andriesse and Victor van der Veen from the Vrije Universiteit...

Lifting the Seams of the Shifu “Patchwork” Malware

Posted by Clemens Kolbitsch ON Sep 4, 2015

Authored by: Clemens Kolbitsch and Arunpreet Singh Another week comes to an end, another wave of evasive malware is attacking users. This week: Shifu. This...

Awakening Dormant Functionality in Malware Programs

Posted by Clemens Kolbitsch ON Aug 26, 2015

Authored by: Clemens Kolbitsch, Joe Giron, and Arunpreet Singh Over recent years, we have seen a rapid evolution of security products. Whenever a...

Turla: APT Group Gives Their Kernel Exploit a Makeover

Posted by Lastline ON Jul 30, 2015

Authored by: Arunpreet Singh, Clemens Kolbitsch The Turla malware family is part of one of the most sophisticated malware families seen in...

Catching the Hacking Team’s System Access Token Thief Red-Handed

Posted by Lastline ON Jul 13, 2015

Authored by: Arunpreet Singh, Roman Vasilenko In their Youtube commercial, the infamous Hacking Team promises to their clients, who are typically government or law...

Unmasking Kernel Exploits

Posted by Lastline ON Jul 7, 2015

A large set of publicly disclosed Advanced Persistent Threat (APT) and nation state attacks use sophisticated malware (e.g Turla, Duqu,...

Lastline Labs Blog

ModPOS: A Framework Lurking in Point-of-Sale System Kernels

Three interesting changes in malware activity over the past year

A Peek Behind the Cryptowall

Defeating Darkhotel Just-In-Time Decryption

PathArmor: Practical ROP Protection Using Context-sensitive CFI

Lifting the Seams of the Shifu “Patchwork” Malware

Awakening Dormant Functionality in Malware Programs

Turla: APT Group Gives Their Kernel Exploit a Makeover

Catching the Hacking Team’s System Access Token Thief Red-Handed

Unmasking Kernel Exploits

Threat Actor “Cold River”: Network Traffic Analysis and a Deep Dive on Agent Drable

Tales From the Field: The Surge of Agent Tesla

Evading Static Analyzers by Solving the Equation (Editor)

LATEST PRESS RELEASES

Lastline Takes Gold for Best Security Software in the 2019 ISPG Global Excellence Awards

MEDIA MENTIONS

Coffee Meets Bagel alerts users their accounts have been hacked on the most romantic day of the year

FROM THE BLOG

AI Done Right – Not all AI-powered Network Security is Created Equal