Tales from the Crypter: Thwarting Malware Obfuscation with Threat Emulation

 
Summary: Malware writers employ a variety of specialized obfuscation techniques to render known malware invisible to existing antivirus defenses. These techniques, known as “crypting,” enable malware writers to create unknown variants of proven, highly effective malware that evade AV detection and extend the reach of existing bot infrastructure. Check Point Threat Emulation recently demonstrated that not all defenses are so easily evaded when it detected and blocked a crypted and previously unknown malware variant designed to deliver the DarkComet remote administration tool (RAT). Although this sample was able to evade most AV solutions, Threat Emulation was able to reveal it and ...

Malware Evolution: PC-based vs. Mobile

 
2012 was the year when people started thinking seriously about mobile security and asking: how do we handle this new threat? The question was not merely one asked by uber-defense agencies (think back to Obama’s 2008 election and the debate surrounding the security of his BlackBerry), but got the whole security industry thinking. A quick look at the multitude of 2013 security trend predictions published by the different vendors shows the rising concern regarding both targeted cyber attacks AND mobile threats. Mobile security and targeted attacks are already receiving the attention of the mainstream press. The NYTimes featured in August the uncovering of ...