It is pretty usual when you try to analyze some malware that does not run in virtual machine or emulator. Using usually very well known tricks it can prevent itself from being analyzed. But what if it does not run even on real computer? The following sample, part of the zbot family, uses volume CLSID […]
Adobe’s head of product security, Brad Arkin, published a very interesting post on Thursday. As it turns out, one of Adobe’s build servers was compromised and was used to create malicious files with Adobe’s digital signature. Inappropriate Use of Adobe Code Signing Certificate: According to accompanying Security Advisory, there are two “utilities” using three files. […]
I’m sure some of you verify SSH fingerprints before you use a SSH server for the first time. You obtain the fingerprint via another channel, and you compare it with the fingerprint your SSH client presents you.But have you done this with Cisco devices too? Recently I tried to obtain the SSH fingerprint of a […]
Latest Comments