2014 Articles
13 DEC 2014
Added the following packs: Null Hole, "Hanjuan EK", "Archie EK", "Astrum EK"...
6 DEC 2014
The cybercriminals behind Poweliks implemented two clever techniques in...
26 NOV 2014
Cybercriminals are now stealing password managers so it's time to make them more...
2 NOV 2014
There are a lot of sites covering this vulnerability but I wanted to document some...
5 OCT 2014
No significant updates, just several enhancements and bug fixes to four tools...
23 SEP 2014
Back in 2011, I took a look at several tools used to deobfuscate JavaScript...
12 SEP 2014
I recently read the Anti-Phishing Working Group's 2Q 2014 report and saw the number...
20 AUG 2014
Like many of you, I've been looking at the various NSA document leaks to see what...
25 JUL 2014
Added the following packs: RIG Exploit Kit, Niteris aka "CottonCastle", "Snet"...
11 JUL 2014
A reader sent me two PHP scripts because the PHP Converter program I wrote wasn't...
1 JUN 2014
Occasionally people send me PHP scripts to help them analyze it. Most of the time...
23 MAY 2014
VirusTotal is showing 0 out of 51 for RIG EK's SWFIE exploit. Here's a really quick...
12 MAY 2014
A new exploit pack has been marketed in the underground since last month and appears...
6 APR 2014
The "8x8" script I'm referring to includes a link that looks like this...
5 APR 2014
Sorry this is so late. Added the following packs: "Zuponcic", Infinity (aka "RedKit"...
5 APR 2014
I only stumbled on this at the middle so I don't know how this is being targeted...
25 MAR 2014
Here's another tool that you might find useful when analyzing potentially infected...
17 FEB 2014
The latest version includes several new features and bug fixes...
11 FEB 2014
The use of XOR encryption to keep anti-virus, web filters, and even researchers...
8 FEB 2014
Cybercriminals are constantly thinking up new ways to redirect unsuspecting visitors...
6 FEB 2014
I've been noticing obfuscated JavaScript using a function that returns the deobfuscated...
30 JAN 2014
I've been researching that fake Adobe Flash update and Neutrino EK redirect that...
12 JAN 2014
While I was testing a Pinpoint update, I found a sneaky method to redirect...
9 JAN 2014
Exploit packs are normally set up on a hacker-controlled server. Compromised websites...
7 JAN 2014
"RedKit" was once a thriving exploit pack then faded away leaving behind artifacts...
2 JAN 2014
There are many times where I come across a drive-by download, especially malvertisements...