Havex RAT Authors Self-Sign Malware to Appear from IBM, 64-Bit Version Spotted

Start64!New infections with Havex remote access Trojan (RAT) have been discovered by security researchers, who observed that malware authors attempt to bypass detection by signing the threat themselves. The files with the spoofed digital signature attempt to pass as components created by IBM’s software division.

KIVARS With Venom: Targeted Attacks Upgrade with 64-bit “Support”

Start64!In announcing the release of the 64-bit version for Chrome last month, Google mentioned that one of the primary drivers of the move was that majority of Windows users are now using 64-bit operating systems. The adoption rate for 64-bit for Windows has been a tad slower than what Microsoft had initially predicted, but it has been steady, and it is evident in the availability of support by software developers.

64bit OSX hacking with Metasploit

Start64!In the previous articles I was describing how to install and run 64bit OSX in KVM (in this example it is Mountain Lion 10.8.2), now lest focus on some simple exercise in creating an installer via Iceberg which would contain a meterpreter payload and will get executed once installed on the host.

64-bit ZBOT Leverages Tor, Improves Evasion Techniques

Start64!Reports have surfaced that ZeuS/ZBOT, the notorious online banking malware, is now targeting 64-bit systems. During our own investigation, we have confirmed that several ZBOT 32-bit samples (detected as TSPY_ZBOT.AAMV) do have an embedded 64-bit version (detected as TSPY64_ZBOT.AANP). However, our investigation also lead us to confirm other noteworthy routines of the malware, including its antimalware evasion techniques.

Privatefirewall - 64bit support

Start64!New version! - The web may be free, but we all know that to safely bank online, buy music, software, or books, or even simply surf the web, there is a price to pay. To combat online threats, firewall, anti-virus and anti-spyware software have become essential investments for any home or business computer. These programs monitor and control system access and scan and remove your system of malicious or spying software.

New Xpiro Infectors Are Persistent and Can Infect Both 32-bit and 64-bit Files

Start64!A long time has passed since its authors improved it, but experts found that the latest versions of the Xpiro family of file infectors came with a series of interesting capabilities. According to Symantec researchers, the new Xpiro file infectors are persistent in nature. Secondly, they’re designed to infect both 32-bit and 64-bit executable files, particularly Intel 386 (32-bit), Intel 64 (64-bit) and AMD64 (64-bit) architectures.

Amazing difference between Antivirus false alerts on 32-bit and 64-bit builds of exactly the same tool

Start64!A few years ago, I wrote a Blog post about false positive problems that I have in many of my tools, and I received many responses from users and developers that experience the same problem. Today the false positive issues still exist, but it seems that people are more aware to the false positive problems, because I get less complaints about virus alerts in my software than what I have gotten in the past.

facebook-3 twitter-3 rss-3 email-3