The Problem of Data Loss Intelligence

Data Loss Intelligence (DLI) concerns the information that is available to you when your data has been compromised. It’s distinct from Data Loss Protection (DLP) technologies, which are more concerned with preventing your data being compromised in the first place. Think of DLI as your last line; it tries to let you know when DLP […]

Context Triggered Piecewise Hashing To Detect Malware Similarity

At Nettitude we collect a large number of malware binary samples from our Honeypot network, from our customers and from incident response. One of the first steps we take is to calculate the MD5 hash of the malware and compare this hash to known samples, while unknown samples can be examined further by an […]

Shellter – A Dynamic Shellcode Injector

Recently, Shellter has been added to the official repository of Kali Linux. This is a very important milestone in the course of development for this project. Since there are not many tools that can be used to assist penetration testers in evading anti-virus (AV), we decided to write a few words about it. What is Shellter? […]

The Prestige in Malware Persistence

Introduction: Just like in magic tricks, a malware infection very often consists of three parts or acts. Paraphrasing the following narration from the film “The Prestige (2006)” gives an idea of what we are going to talk about. “Every malware infection consists of three parts or acts. The first part is called the pledge; the […]

VoIP attacks are on the rise, particularly in the UK, according to new research by Nettitude

Voice over IP (VoIP) infrastructure has become more susceptible to cyber attacks in recent years due to the proliferation of both its use and the tools that can be used for malicious purposes. During the first quarter of 2015, our security researchers observed a large number of VoIP attacks worldwide; however, the majority were […]

Malware Is Changing Daily! Are You Still Protected?

A look at recent malware techniques: One of the biggest challenges in detecting and protecting against malware is that attackers continually change their techniques and behaviours. We have observed some interesting activities recently that are worth discussing in more detail. Office macro security bypass: Traditionally, when malware is embedded into Microsoft Office documents, it will […]