Las Vegas has a tendency to overload all of your senses. Similarly, Black Hat has the effect of inducing information overload in nearly every participant.
Tags: malware, cybersecurity, phishing, sandbox, trends, threats, isolation, security, black hat
The Cisco Threat Blog recently published information on the Rombertik malware, which takes a fair number of steps to evade sandboxes (not exactly rocket science) but goes even further to disrupt reverse engineering and analysis by malware experts. Fundamentally, the Rombertik malware follows the well-trodden exploitation life cycle:
Tags: malware, cybersecurity, blog, sandbox
According to researchers at Cisco, the Chanitor dropper malware is targeting enterprises via phishing emails that purport to come from Microsoft Volume Licensing Center (MVLC). Interestingly, Chanitor uses Red Pill techniques to actively figure out whether it's running inside a sandbox, and lies dormant for up to 30 minutes before making active connections out to the Internet. Some interesting observations about Chanitor: