鑑識分析挑戰 6:分析惡意編碼 PDF 檔案

鑑識分析挑戰 6:分析惡意編碼 PDF 檔案 - (由來自馬來西亞團隊的Mahmud Ab Rahman和Ahmad Azizan Idris提供) 利用含惡意編碼 PDF檔案進行的典型攻擊。
Read more »

Waledac's Anti-Debugging Tricks

The last spreading malware version of Waledac, a notorious spamming botnet that has been taken down in a collaborative effort lead by Microsoft earlier this year, contained some neat anti-debugging tricks in order to make reverse-engineering more difficult. Felix Leder and I have been presenting about the approach at SIGINT 2010 in Cologne yesterday, and as the method seems to be not publicly known yet, I will quickly describe it here as well. Read more »

A view on Conficker's inside

Many people have asked us, how Conficker looks like. That's a tough question for something that's hidden and tries to be as stealthy as possible. The last time somebody asked me: "Can you show me Conficker?", I decided to visualize Conficker. Here is a little video that shows the evil core of Conficker.C.
  Read more »

Syndicate content