The Latest in IT Security

Posts Tagged ‘thread context’

During the last couple of weeks I’ve come across three malware samples packed using compiled AutoIt scripts, so I decided to explore the connection between AutoIt and the malware world. I took the latest 50 samples marked as AutoIt that were submitted to the free scanning site VirusTotal.Here are the statistics: 11 wrongly classified as malware. Four […]

Read more ...

In previous post, my colleague talked about new way to inject virus codes into other normal processes in order to bypass firewall’s detection. During the continuous research of ZeroAccess, we found there’re some improvements for this series of anti-detection and anti-debug methods. And what’s most interesting is ZeroAccess seems to really like lsass.exe. It often […]

Read more ...

24
Sep
2011

Injecting code to system process is common way malware use to avoid being detected by antivirus engine, but now we found a brand new way of such injection. According to the samples we received, they are based on command lines, so we guess this way still remain in demo stage, but we think it may […]

Read more ...


Categories

THURSDAY, MAY 28, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments