Security Blog

Chris Larsen's picture
Written by
Chris Larsen

It's fun when two or more research lines intersect...

Chris Larsen's picture
Written by
Jeff Doty

Something old: Malvertising (using legitimate web advertisement companies to spread and install malicious software).

Something new: Flash zero day exploit. CVE-2015-0313. https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

Chris Larsen's picture
Written by
Chris Larsen

One of the constants of life on the Web is that the Bad Guys can count on people searching for stuff to download -- and a lot of those people will click on anything that looks promising. Even if the site hosting it looks rather... low budget:

Chris Larsen's picture
Written by
Chris Larsen

Back in the way-old days of the Web, we had .com, .net, .org, .gov, .mil, and a bunch of two-letter "country code" Top Level Domains (TLDs).

Over the years, a few additional TLDs were approved, both familiar (.info, .biz, .mobi, .name, .pro) and less-familiar (.aero, .asia, .cat, .coop, .int, .jobs, .museum, .tel, .travel, .post).

Snorre Fagerland's picture
Written by
Basavaraj K. Biradar

 

 

After reading the Inception paper by Snorre Fagerland and Waylon Grange, I got curious about this threat and did some reversing. I felt that it would be good to write a technical blog about the process - maybe it could be helpful or interesting for some.

Chris Larsen's picture
Written by
Chris Larsen

In the previous post on recent Search Engine Poisoning (SEP) data, there were a few pieces of interesting research that "missed the cut-off". But they're worth a look...

 

Image Searches