Introduction This research began with finding a simple malware sample to extract strings for an unrelated topic. In my day-to-day malware analysis workflow, I stumbled upon a JavaScript (JS) file with what I would call trivial obfuscation. I knew it was malware but wanted to understand the infection chain. After some cleanup, I understood it to be a downloader of an … [Read more...]
Learning JavaScript: A Few Days In
It’s time to put my own words into action and take on a new endeavor: learn JavaScript (JS). Previously, I wrote about What to Know About Programming Languages, which details a way to break into coding. Continuing with the Python narrative, I will compare what I’ve learned from JS so far to what I know about Python. Also, JS is a scripting language such as Python is, … [Read more...]
Bart Ransomware – Daily Security Byte EP. 280
You might be sick of ransomware, but that won't stop criminals from releasing new variants. Bart is the latest extortion malware that arrives as a zipped JavaScript file. Watch Monday's Byte for a Firebox tip on how you might avoid this new threat. (Episode Runtime: 3:03 Direct YouTube Link: https://www.youtube.com/watch?v=20VCvOgML-0 EPISODE REFERENCES: Locky attackers … [Read more...]
Tool Tip: ScriptSafe – Daily Security Byte EP. 276
In today's video I share a quick security tool tip. NoScript is one of my favorite security extensions for Firefox, as it can help block web-based attacks. Unfortunately, it doesn't work with other browsers. In the episode below, I cover ScriptSafe, a NoScript like extension for Chrome. (Episode Runtime: 2:25 Direct YouTube … [Read more...]
Mobile DDoS from China – Daily Security Byte EP.151
A hosting and security company discovered attackers leveraging mobile devices in China to launch a DDoS attack against one of its customers. Watch today's video to learn how this DDoS attack is unique, and what you can do to prevent your computer from becoming a pawn in some criminal's attack. (Episode Runtime: 2:50) Direct YouTube … [Read more...]