Blog

Unicorn Just Got Real: Malware Analysis

Analysis of the Dropped Malware

Name: v3k.exe

MD5: 74CE6CB9F8B983297F936936BCABC698

SHA1: B76B514707CD560F973DD66124D2C1101D75078A

SHA-2/256: 11F5F243E07BFD173F8EEC248ADF457540926CD7E0725381DA04C46E8C39A15B

The malware differs somewhat from what regular exploit kits and malware campaigns typically drop. The difference lies in how this malware is packaged and in its method of operation.

Having Your Virtual Cake and Eating It Too

Today’s continuously evolving threat landscape and the need for business continuity mandate the need to rethink security workflows. Robust virtual data centers and considerable computing power are the ingredients for a new approach to securing critical data. With an adaptive approach, mission and business functions can continue at the same time that malware is encapsulated and monitored.

Unicorn Just Got Real

Through the Cyber Advanced Warning System, NSS Labs is already observing reliable exploits for CVE-2014-6332 in the wild. Microsoft released security updates on November 11, 2014 to patch this vulnerability.

Technology of the Future: BDS Market Set to Explode

“Assume you have been breached” has become standard advice from information security professionals today. As organizations continue to be breached, the conventional approach to information security – in which layers of best-of-breed security technologies are used to protect an organization – is being challenged. Many organizations are beginning to acknowledge that in fact it is not possible to guarantee protection.

Add a Dash of Cloud for a More Robust Security Infrastructure

As the hype around cloud computing settles, and as organizations begin to evaluate solutions, the ability of security as a service (SaaS) solutions to improve security infrastructure becomes apparent.

All’s Well That Ends Well

In my previous blog about the Palo Alto Networks results in our recent NGFW test, I expressed the hope that “Palo Alto Network executives will take this issue seriously and move quickly to protect their customers.”

Seriously?

We don’t follow up every NSS Labs test with a blog response to a vendor, but after the fun and games following our recent BDS test, we find ourselves in a similar position. This time it is Palo Alto Networks blogging about our NGFW group test, the results of which were published last week and can be found here.

Web Application Firewalls: Not just for PCI anymore

Unlike most security technologies that attempt to identify a broad range of bad traffic by means of traditional detection methods, a web application firewall (WAF) is like a finely honed sword designed for a singular purpose: monitoring HTTP traffic between clients and web servers. The payment card industry (PCI) accelerated the development of the WAF market since it provided a tangible financial application of this technology. This made WAF a must-have in the arsenal of weapons for many of today’s security administrators.

Some systems getting BASHed, but the sky isn’t falling

It has been barely 6 months since the Heartbleed vulnerability was revealed, but just as the global security community has recovered from this vulnerability, one that is more prevalent – and potentially far more damaging – has emerged. The Shellshock vulnerability exploits a weakness in the Bourne Again SHell (BASH) that is native to (and often the default for) many Unix derivatives across the globe. While the extent of the damage has yet to be determined, it is highly likely that any services running on a Unix distribution are exposed.

Next Generation Firewall: Firedrill or Firestop

Next Generation Firewall (NGFW) technology has finally become a mainstay in the enterprise. End users are finding that NGFWs are no longer as limiting in their performance or capability trade-offs as they once were. In fact, in this most recent NGFW group test several vendors submitted products that exceeded 10Gb throughput under load, demonstrating that performance meets or exceeds that of many firewalls just a few years ago.
