Virlock is a polymorphic, file-infecting ransomware. It deploys an impressive triple-instance attack strategy and a location-specific ransom screen threatening users with fake legal action. Our Threat Research team recently analyzed this threat to unpack exactly how it bypasses signature-based antivirus solutions.
This blog shares a methodology used to develop Hex-Rays' Interactive Disassembler (IDA) signatures, created as part of pre-analysis for a recently published APT28 sample. These signatures allow an analyst to focus on the malicious code while disregarding the statically linked Poco framework functions.
Sodinokibi is a new ransomware that has infected thousands of clients through managed security service providers (MSSPs). This paper contains fresh analysis of a Sodinokibi sample uncovered by the BlackBerry Cylance threat research team.
In this week’s episode of the InSecurity Podcast, Matt Stephenson chats with Cheryl Biswas about why the time was right to co-create 'The Diana Initiative' - an organization with a mission to encourage diversity and support women who want to pursue careers in information security, and to promote diverse and supportive workplaces.