22 March

In this blog post, a new approach to help scanning for deserialization bugs with DNS exfiltration is presented. Along with the explanations, a scanning tool is released that could help both the defensive and the auditing teams in your enterprise.

December 08, 2016

For those who missed it, here is the video of our BlackHat Europe 2016 presentation titled EGO-MARKET: When People's Greed for Fame Benefits Large-Scale Botnets...

November 23, 2016

roslyn

In the past six months, we have been working on a new static analysis tool for the .NET ecosystem called Roslyn Security Guard. It is a Visual Studio extension that analyzes C# code. It was first released at Black Hat USA this year. This article will cover the latest milestone reached which brings a new taint analysis mechanism and the introduction of automated code fixes.

November 02, 2016

Linux/Moose's Clever SchemeCybercrime is an evolving phenomenon and offenders are continuously adapting to find new techniques to monetize their illicit activities. Our research paper and upcoming BlackHat Europe presentation - EGO MARKET: When People’s Greed for Fame Benefits Large-Scale Botnets - is about Linux/Moose, a botnet that conducts social media fraud. This blog post is a summary of our paper.