Malware Manual Unpacking – [Custom + UPX]

SHA-1: 1E6CF952D9F0D507A6AA98AD2B3327B83702BC17. Introduction: Implementing all sorts of methods to bypass anti-virus (AV) scanners and/or to make the analysis of a malware sample a lot harder, at least from a static point of view, is an old dog’s trick. At Nettitude, we see a lot of these techniques in evidence in malware that we come across […]

Vulnerability discovered in unsupported Cisco Systems VPN Client

Mitre assigned CVE-2015-7600. Introduction: An alternative, but no less accurate title to this article would be ‘why you shouldn’t stick with non-supported software’. On the 30th of July 2014, the widely used Cisco Systems VPN Client v5.x went out of support. Unfortunately, announcing the end-of-life support for a software product doesn’t necessarily mean that whoever […]

Reducing The Attack Surface: A Human Error Perspective

The efforts required for a successful cyber-attack do not match the efforts that are invested to build a successful business. It only takes one human error to reduce many years of hard work to dust. Verizon research suggests that in 60% of breach incidents, it only takes minutes for the attacker to be successful. In […]

Cyber Fighting Power – Who Has The Upper Hand?

Reading through the British Army Military Doctrine manual the other day (as you do!) the concept of Fighting Power in the context of cyber warfare got me thinking. How could a traditional approach from a historically renowned army be applied to the cyber world? Cyber, or the internet – if we remove the hyped buzz […]

The Ashley Madison Saga Continues

On July 15th, news articles began to appear, claiming that one of the world’s most controversial online dating sites, “Ashley Madison”, had been compromised. As the story developed, more information became available including a demand, apparently issued by the hackers known as “The Impact Team”. This demand called for Avid Life Media (the company […]

Nettitude Uncovers WordPress Vulnerabilities

Nettitude has recently observed multiple attacks utilising existing and known vulnerabilities in the WordPress blogging and publishing platform. The issue, described in the accompanying threat advisory, allows an attacker who is able to post content to a WordPress installation, such as via a comment or blog entry, to craft a message that will bypass data […]