Threat Research

It’s what we do.

Compromising Windows via Windows Update Drivers

August 24, 2015 By Tyler Moffitt

While at Blackhat 2015, I saw a very interesting presentation on compromising the Windows Update service (“WSUSpect – Compromising The Windows Enterprise Via Windows Update” – Paul Stone & Alex Chapman). The…read more

Why are we using biometrics as passwords?

August 10, 2015 By Cameron Palan

After seeing a great presentation on newly discovered biometrics/fingerprint vulnerabilities (“Fingerprints On Mobile Devices: Abusing And Leaking”, by Tao Wei and Yulong Zhang) at Blackhat 2015, I have to wonder why we are…read more

Encryptor RaaS (Ransomware as a Service)

July 28, 2015 By Tyler Moffitt

A new ransomware has emerged and it's very similar to Tox, as it is created for hackers to easily design encrypting ransomware payloads to distribute from their botnets. Since the creator of Tox was selling…read more

WhatsApp Spam Emails Making a Comeback

June 1, 2015 By Daniel Slattery

In 2013 we shared a series of blog posts about several WhatsApp scams making the rounds redirecting people to pharmaceutical sites and malware. In recent weeks we have seen that these scams have made a…read more

Rombertik

May 6, 2015 By Tyler Moffitt

Yesterday in the news we saw a huge spike in interest in the Rombertik malware. Rombertik infiltrates the computer through email phishing attacks that drop as a .scr screen saver executable that contains the malware that…read more

AlphaCrypt

May 4, 2015 By Tyler Moffitt

We’ve encountered yet another encrypting ransomware variant and at this point it’s expected since the scam has exploded in popularity since its inception in late 2013. This one has a GUI that is almost…read more

Fake Security Scams – 2015 Edition

April 27, 2015 By Roy Tobin

New Year, Similar Scams. In 2013, I wrote an article talking about the popular Fake Microsoft Security Scams that were doing the rounds. As expected, these types of scams have continued to grow…read more

Lenovo Support Page Hacked

February 25, 2015 By Richard Melick

In possible retaliation to the Superfish MITM software installed on Lenovo consumer machines, hackers looking to be representing Lizard Squad have hacked Lenovo’s support page through a DNS hijack. Currently, if you head to http://support.lenovo.com/us/en/product_security/superfish,…read more
