Compromising Windows via Windows Update Drivers

August 24, 2015 By Tyler Moffitt

While at Blackhat 2015, I saw a very interesting presentation on compromising the Windows Update service (“WSUSpect – Compromising The Windows Enterprise Via Windows Update” – Paul Stone & Alex Chapman). The…

We analyze Cryptobot, aka Paycrypt

November 7, 2014 By Tyler Moffitt

Recently during some research on encrypting ransomware we came across a new variant that brings some new features to the table. It will encrypt by utilizing the following JavaScript from being opened as an attachment…


August 14, 2014 By Tyler Moffitt

Recently in the news we saw FireEye and Fox-IT provide the ability to decrypt files encrypted by older Cryptolocker variants. They used the command and control servers seized by the FBI during Operation Tovar. …

Cryptolocker is not dead

July 17, 2014 By Tyler Moffitt

Recently in the news the FBI filed a status report updating on the court-authorized measures to neutralize GameOver Zeus and Cryptolocker. While the report states that “all or nearly all” of the active…

All About Windows Tech Support Scams

May 1, 2014 By Adam McNeil

*Editor's Notes: The purpose of this research was to see exactly how this scam is carried out, and the extent to which it is done. DO NOT TRY THIS AT HOME. We used…