Sandboxing Tag

One of the common misconceptions regarding a conventional sandbox is how much it can actually observe when evaluating an object for malicious behavior. Because a conventional sandbox runs in an isolated virtual machine environment, an object can safely execute without risk of...

Advanced malware solutions ("sandboxes") traditionally use virtual machines (VMs) to analyze suspicious objects to find out if they are malicious. However, advanced malware is capable of detecting the presence of the virtual machine technology used by conventional sandboxes and leveraging this weakness to...

Bridging static and dynamic analysis using Lastline process snapshotting

Authored by: Arunpreet Singh and Dr. Christopher Kruegel

Scareware is a type of malware that takes advantage of people’s fear of revealing their private information, losing their critical data, or facing irreversible...

New information about the Advanced Persistent Threat (APT) is hitting media headlines every day. In just the last few months alone, we have read horror stories of sophisticated malware like Duqu2 (which uses a kernel mode exploit to load its kernel mode component), targeted attacks...

As I took on a global manager role these past few years, I have had to evaluate different solutions that would help my team do their job better. Quite the reversal from being the vendor wanting to show prospects the solution I sell and proving...