Explained: YARA rules

YARA is a tool that can be used to identify files that meet certain conditions. It is mainly used by security researchers to classify malware.

Explained: False positives

False positives are alarms for non-specific files or behavior that are flagged as malicious, while in fact there were no bad intentions present.

Facebook worries: I didn’t post that

What could have happened when you find Facebook posts or messages that you didn’t post or send? And what are the actions you can take to prevent further abuse?

Explained: digital forensics

Digital forensics is different from cyber-security as it deals with the problem when it’s too late for precautions. It’s the science of figuring out what happened just before and after a breach.

Adware the series, the final: Tools section

The final episode of our adware series talks specifically about the tools that we use in identifying adware and the places where it lurks on a system.

Explained: Bayesian spam filtering

Bayesian spam filtering is based on Bayes' rule, a statistical theorem that gives you the probability of an event. In Bayesian filtering it is used to give you the probability that a certain email is spam. It is named after the statistician Rev. Thomas Bayes, who provided an equation that basically allows new information to…

Explained: Environmental variables

This post is intended to make readers aware of the existence and use of environmental variables, a Windows feature that is often known only to programmers and other advanced users.

Hosts file hijacks

The hosts file is the internet variant of a personal phonebook. We discuss a few malware variants that replace or change that phonebook, so you end up calling the wrong sites. The ones they want you to call.

Surfacing HTA infections

We show two examples of HTA-induced infections we have seen recently. Nothing fancy, but feel free to consider it a general warning that malware authors are expanding the number of file extensions they use to spread their payload.

Intentional security holes

Sinkholes and watering holes are two terms not automatically associated with computer security, yet they are used to describe two tactics in this field.
