Lastline Labs

Party like it’s 1999: Comeback of VBA Malware Downloaders [Part 3]

Posted by Clemens Kolbitsch on 11/10/16 2:25 PM

Authored by: Clemens Kolbitsch, Alexander Sevtsov, and Arunpreet Singh

Topics: Lastline Labs, lastline, vba, vba downloaders

Party like it’s 1999: Comeback of VBA Malware Downloaders [Part 2]

Posted by Alexander Sevtsov on 10/6/16 11:02 AM

Authored by: Alexander Sevtsov and Arunpreet Singh

Find more details on this series in Part 1 and Part 3.

Topics: Lastline Labs, lastline, vba, vba downloaders

Party like it’s 1999: Comeback of VBA Malware Downloaders [Part 1]

Posted by Alexander Sevtsov on 8/31/16 12:22 PM

Authored by: Alexander Sevtsov and Arunpreet Singh.

Find more details on this series in Part 2 and Part 3.

Topics: Lastline Labs, lastline, vba, vba downloaders

Lastline: It’s as easy as A-P-I

Posted by Dr. Giovanni Vigna on 4/18/16 9:19 AM

Lastline’s solutions analyze network traffic, programs, documents, and other artifacts to identify and block advanced malware in enterprise networks.

To integrate easily into the enterprise's security workflow, Lastline products provide access to their functionality through APIs.

Topics: Lastline Enterprise, Integration, Lastline Labs, APIs

Three interesting changes in malware activity over the past year

Posted by Dr. Christopher Kruegel on 3/31/16 5:00 AM

Every day, our Lastline sensors observe millions of files that our customers download from the Internet or receive as email attachments. These files are analyzed and, in many cases, executed or opened inside our sandbox. The sandbox is a secure, instrumented analysis environment where we can safely look for interesting behaviors that indicate bad intentions and outright malice. 

Every once in a while, we take a step back and look at the malicious behaviors that we have seen. Malware authors always look for new ways to make money, get access to sensitive data, and evade detection. They introduce new behaviors, refine ideas that they have tried in the past, and add tricks to bypass security controls. By looking over the data collected over the last year, we discovered a few interesting trends that show some of the directions that malware authors take. In this research note, we discuss three findings that struck us as interesting and worth reporting. As a fourth bonus item, we also revisit evasive behaviors, something that we have been tracking for many years.

Topics: Evasive Malware, Bank Malware, Lastline Labs, Banking Trojan, Browser Modification, Code Signing
