Security Blog

Written by
Chris Larsen

Last week, while digging into a site with relatively high traffic and a weird name (zupaluzutirtuf.net), I came across a classic "snooper page" -- a page put up by malicious or shady sites as camouflage for their activities, or to convince people like me who come snooping around that there's "nothing to see here":

Written by
Jason Carpenter
VirusTotal 15/47 Detected as Generic Trojan – Not all malicious samples are after your data. Some simply want to redirect your browser. Often this is less about stealing your data, and more about getting ‘hits’ on their website. Sometimes it’s an easy fix: change your home page, and it’s fine. Other times it warrants a bit deeper of an investigation.
Written by
Chris Larsen

Last week, I was taking a look at some traffic when an interesting domain name jumped out at me. (Well, it didn't literally jump out at me, of course. I'd probably describe its behavior more along the lines of "a needle trying to hide behind a bunch of hay"...)

Written by
Trygve Brox
Clicking buttons for a living – With the huge and ever-growing volume of malicious samples we see today, automation has become increasingly important. Security vendors and companies with an interest in securing their networks expend more and more resources analyzing files and network traffic looking for malware, targeted attacks and other threats.
Written by
Caleb Pope
RSA recently announced the newest iteration of banking Trojan – “KINS” (see below). Despite its efforts for VM detection, this commercially available variant’s behavior was processed in our Malware Analyzer G2, including the rerunning of its dropped files and its active connection with C&C.
Written by
Caleb Pope
Information is Beautiful recently released a visualization of the “World’s Biggest Data Breaches” allowing for filtration between sector, tactic and sensitivity. Although this only displays the data of known breaches of more than 30,000 records, it is apparent that the concept of common-sector targets is no longer true.