Blog

23
Feb

Decompiling Excel Formula/Macro 4.0 files to understand their execution

Office malware has been around for a long time. In the past I’ve written several blogs [1,2,3,4] about the basics and beyond. In this blog we’ll focus on Excel Formula (XF) 4.0. I wasn’t too familiar with XF 4.0 before I started looking into it, so learn with me. With VBA macros you’ll find these easily by decompressing some streams and

Read more

19
Feb

Cloud as an Attack Vector

As cloud services have grown in popularity, they have also become a fertile ground for cybercriminals to launch attacks that stay under the radar. Attackers are taking advantage of the trust that users, organizations, and security vendors place in popular cloud services. This blog post provides examples of four key ways in which attackers abuse cloud services, for: Malware delivery

Read more

12
Feb

Pay or Lose Your Critical Data — Deep Analysis of A Variant of Phobos Ransomware

Xiaopeng ZhangFortinet’s FortiGuard Labs The Phobos ransomware family is fairly recent, only having been first spotted by security researchers in early 2019. But since then, it has continued to push out new variants that not only evolve attack methods, but also frequently change the extension name of encrypted files in past variants. And in its short history, its victims have often

Read more

3
Feb

How Threat Sharing Hones Your Competitive Edge

Michael Daniel is the President and CEO of the Cyber Threat Alliance (CTA), a US-based non-profit organization that enables cybersecurity providers to share threat information with one another in both automated and human-to-human fashion. Introduction The industry has talked about the concept of threat intelligence sharing for decades, yet it has struggled to adopt mechanisms that facilitate high-quality sharing at scale

Read more

18
Sep

AVAR Concludes First Online Conclave with 500+ Registrants

Chennai, 17th September 2020 – The Association of anti Virus Asia Researchers (AVAR) conducted today its first online AVAR Cyber Conclave – India 2020: A Virtual Cyber Security Meet, which had more than 500 registrants. This is the first online event conducted by AVAR which regularly hosts international cyber security conferences. AVAR is a platform for cyber security experts and organizations to

Read more

X