Ransomware : Spreading and Prevention
Ransomware became the threats of the web. Learn how they work, their effects, and how to protect yourself from such malware.
Infected PDF: Extract the payload
Infected PDF: Extract the payload – Infected PDFs have always been a popular way to infect computers, learn how it malicious PDF files are built.
RunPE: How to hide code behind a legit process
RunPE: How to hide code behind a legit process – RunPE is a trick used by some malware to hide code into a legit process. Learn how to detect.
Of PUPs and other demons
PUPs (for potentially unwanted programs) are harmless by design, most of the time. Here we will study a case where such program behaves like a rootkit.
BHO: A spy in your browser
Internet Explorer extensions (BHO) are a very stealth way to inject code in a web browser. Learn how it works to better prevent further infections.
Userland Rootkits: Part 1, IAT hooks
Userland Rootkits explained. This is the first part of this rootkit writing tutorial in which we will detail the basics about userland rootkits.
KernelMode Rootkits: Part 3, kernel filters
KernelMode Rootkits explained. This is the third part of this rootkit writing tutorial in which we will detail the basics about kernel rootkits.
KernelMode Rootkits: Part 2, IRP hooks
KernelMode Rootkits explained. This is the second part of this rootkit writing tutorial in which we will detail the basics about kernel rootkits.
KernelMode Rootkits: Part 1, SSDT hooks
KernelMode Rootkits explained. This is the first part of this rootkit writing tutorial in which we will detail the basics about kernel rootkits.
Facebook scams: A look behind the scene
You’ve all seen Facebook posts shared by your friends with attractive titles, waiting for you to click. We’ve clicked for you, and you will be deceived.