Cobalt Strike 3.2, the third release in the 3.x series, is now available. The 3.2 release focuses on fixes and improvements across the Cobalt Strike product.
Emsisoft has announced the release of Emsisoft Anti-Malware 11 and Emsisoft Internet Security 11. Scanning has improved with better detection of ransomware, file-less malware, and threats which try to exploit script parsers and other host processes.
New infections with Havex remote access Trojan (RAT) have been discovered by security researchers, who observed that malware authors attempt to bypass detection by signing the threat themselves. The files with the spoofed digital signature attempt to pass as components created by IBM’s software division.
In announcing the release of the 64-bit version of Chrome last month, Google mentioned that one of the primary drivers of the move was that the majority of Windows users are now on 64-bit operating systems. The adoption rate of 64-bit Windows has been a tad slower than Microsoft had initially predicted, but it has been steady, and it is evident in the support now available from software developers.
In the previous articles I described how to install and run 64-bit OS X in KVM (in this example it is Mountain Lion 10.8.2). Now let's focus on a simple exercise: creating an installer via Iceberg which contains a meterpreter payload that gets executed once installed on the host.
Back in December 2013, Kaspersky reported spotting a 64-bit version of the notorious ZeuS banking Trojan. At the time, experts revealed that the threat was relying on Tor in order to protect its command and control infrastructure.
Reports have surfaced that ZeuS/ZBOT, the notorious online banking malware, is now targeting 64-bit systems. During our own investigation, we confirmed that several ZBOT 32-bit samples (detected as TSPY_ZBOT.AAMV) do have an embedded 64-bit version (detected as TSPY64_ZBOT.AANP). However, our investigation also led us to confirm other noteworthy routines of the malware, including its antimalware evasion techniques.
New version! - The web may be free, but we all know that to safely bank online, buy music, software, or books, or even simply surf the web, there is a price to pay. To combat online threats, firewall, anti-virus and anti-spyware software have become essential investments for any home or business computer. These programs monitor and control system access, and scan your system for malicious or spying software and remove it.
Without a doubt, ZeuS is the most notorious banking Trojan in the world. However, until recently, the threat didn’t have a 64-bit version. Security researchers from Kaspersky say that the 64-bit ZeuS might have been compiled as early as April 2013, with the first samples being spotted in the wild around June.
Earlier this year, Microsoft announced several security bounty programs one of which was a bounty program for bugs in Internet Explorer 11. I participated in this program and relatively quickly found a memory corruption bug.
A long time has passed since its authors last improved it, but experts found that the latest versions of the Xpiro family of file infectors come with a series of interesting capabilities. According to Symantec researchers, the new Xpiro file infectors are, first, persistent in nature and, second, designed to infect both 32-bit and 64-bit executable files, specifically those for the Intel 386 (32-bit), Intel 64 (64-bit) and AMD64 (64-bit) architectures.
Those of us old enough to remember the Twitpocalypse of 2009 know how close Twitter came to utter destruction. Not that close, it turned out. Surprisingly, it seems that bloggers and journalists alike made it sound like a much bigger problem than it was, much like the Y2K bug before it.
After almost two years without a significant update, you might have been forgiven for thinking that rootkit detector GMER was on its way out. Version 2.0 has just been released, and it’s the most important GMER update for a very long time.
64-bit versions of Microsoft’s very own Windows operating system are expected to face a new wave of attacks next year, especially from more advanced malware specifically developed for this type of platform.
A few years ago, I wrote a blog post about the false positive problems that I have with many of my tools, and I received many responses from users and developers who experience the same problem. Today the false positive issues still exist, but it seems that people are more aware of the false positive problem, because I get fewer complaints about virus alerts in my software than I did in the past.