Explained: WMI hijackers

This post describes how WMI hijackers work and why they are hard to find on an affected system. It also shows an example of such a hijacker called Yeabests after the domain it hijacks to.

Read more

A week in security (Sep 25 – Oct 01)

A compilation of notable security news and blog posts from September 25th to October 1st. This week, we discussed Komplex, that new Snap eyewear, a fake browser extension, more malvertising campaigns, and some little known truths about spoofing file extensions.

Read more

PUP Friday: Nikoff Security redux

Last Friday, I wrote about a set of 6 PUP apps by Nikoff Security. This week, there have been some new developments in the story, some good news and some bad news.

Read more

PUP Friday: Nikoff Security

My attention was drawn a few weeks ago to a group of 6 apps in the Mac App Store, all made by someone named Nicholas Ebner. I downloaded the apps and ran them through their paces, and quickly my suspicions were confirmed.

Read more

PUP Friday: MPlayerX

MPlayerX has been around for over 2 years. With it’s adware installer, adware, analysis avoidance behavior, and other PUPs calling it a PUP is a no-brainer.

Read more

Select your language