We’ve recently been conducting some reverse engineering and vulnerability analysis on an Anti Virus (AV) product and wanted to attach Rohitab API Monitor to one of the AV’s running processes so that I could log the Windows API function calls in order to better understand how the AV was implemented. The AV in question was […]
Author Archive for: Tom Wilson
About Tom Wilson
This author has yet to write their bio. Meanwhile, let's just say that we are proud Tom Wilson contributed a whopping 11 entries.
Entries by Tom Wilson
In the last few days, Nettitude’s threat intelligence platform has picked up a mass phishing campaign – involving the distribution of nearly two million individual emails – targeting HMRC customers. The attackers attempt to obtain personal details by directing the user to click a link in the e-mail, which then redirects them to a compromised […]
Overview: Two years after first gaining notoriety, the Pony Botnet remains very active. The malware is primarily targeted at the theft of user credentials from applications such as web browsers and email applications, for example, Outlook. Pony is also capable of stealing a victim’s bitcoin wallet. A typical attack is executed through the use of […]
At Nettitude we collect a large amount of malware binary samples from our honeypot network, from our customers and from incident response. One of the first steps we take is to calculate the MD5 hash of the malware and compare this hash to known samples, while unknown samples can be examined further by an […]