About the Author:

Albert has five years' experience in the information security field, encompassing SIEM, malware analysis, investigating security incidents, ISO 27001 audits and hardening of various devices. He has also carried out rule-based auditing for firewall forensics as well as PCI DSS audits.

Artifacts of Kuluoz Backdoor

Kuluoz is a known botnet which was released mid 2012 and was known by different names such as weelsof, win32, Dofoil, etc. Kuluoz is usually spread by sending suspicious […]

Honey Encryption

Current Scenario

In today’s world, cyber criminals often use software to brute force passwords, and some may lead to successful attacks. Since there are many third party tools and high […]

Understanding DNS Sinkholes – A weapon against malware

Overview

DNS sinkhole or black hole DNS is used to spoof DNS servers to prevent resolving host names of specified URLs. This can be achieved by configuring the DNS forwarder […]

Sality Malware

During the last Christmas season, a phishing email with an executable named as greetings.exe was broadly sent, and when the email was executed, an image named ‘xmas’ was drawn […]

Active X Exploitation

ActiveX is a framework created by Microsoft to extend the functionality of the Component Object Model (COM) and Object Linking Embedding (OLE) and apply it to content downloaded from […]

Windows 7 Security Features

Windows 7 is an Operating System developed and released by Microsoft in 2009. It was designed to be a successor to the Windows Vista range of operating systems. Windows […]

Hidden face of a Dirty Decrypter malware

The Dirty decrypter is a crypto ransomware; its intention is to encrypt the compromised user’s pictures, documents, videos etc making them unusable. The malware coerces you to pay large […]

Remote Access Tool

Remote Access Tool is a piece of software used to remotely access or control a computer. This tool can be used legitimately by system administrators for accessing the client […]

Information Security Policies

Organisations are giving more priority to development of information security policies, as protecting their assets is one of the prominent things that needs to be considered. Lack of clarity […]

CryptoLocker

Released in September 2013, CryptoLocker is a ransomware program that targets all versions of Windows, including Windows XP, Windows Vista, Windows 7, and Windows 8. This trojan encrypts almost […]

DNS Tunnelling

You all know what DNS is, and I don’t think any more information is needed on it. Our Internet world exists due to DNS technology, and exploiting DNS can […]

Hunting Shylock

Malware analysis is not a new topic for security analysts, and all engineers are pretty aware of the process and procedures that need to be followed, which are neatly […]

ICMP Attacks

ICMP stands for Internet Control Message Protocol and is the most used protocol in networking technology. A connectionless protocol, ICMP does not use any port number and works in […]

Limiting Automated Access

Automated tools are used to carry out many security attacks on online services. There are different protection mechanisms to narrow down such attacks and one such mechanism is the […]

Reinventing Threat Intelligence

Effective threat intelligence is one major service that most companies offer to alert about the latest threats. Threat intelligence alerts about the latest threats, vulnerabilities, malware attributes, malicious IPs, […]

Hunting Malwares

Every organization is keen to invest in security because they don’t want to lose their entire assets through negligence. Most organizations have information security officers who implement policies, model […]

Forensic Investigation on Windows Machines

Digital forensics is the process of identifying and collecting digital evidence from any medium, while preserving its integrity for examination and reporting. It can be defined as the discipline […]

Hijacking Clicks

Introduction

Clickjacking or the UI redress attack is a relatively new type of malicious attack that targets mainly web applications. It works by superimposing a webpage over another existing web […]

Banking Frauds of 2013

Introduction

Technology has changed the way that we work and operate; the flood of advances that we see daily are mind-boggling in their variety and quantity. While technological advances are […]

Risk Associated with Cookies

Overview

The Internet is surely the best resource to gather any kind of information about products, shops, customer complaints, user experience, etc. Companies are trying to attract users’ browsing interest […]