18 June 2018

We developed a data-driven method for identifying, quantifying, and comparing ransom payments in the Bitcoin ecosystem from 35 ransomware families. The study was conducted in partnership with Bernhard Haslhofer from the Austrian Institute of Technology (AIT) and Benoît Dupont from the Université de Montréal (UdeM). It resulted in a paper that will be presented at the 17th Annual Workshop on the Economics of Information Security (WEIS2018) in Innsbruck, Austria, along other renown academic researchers. This blog post provides a quick summary of the methodology developed for tracing ransomware payments and the study's findings. 

June 30, 2017

A Wolf in a Suit

In the last few days, we closely followed the malicious software outbreak that took control of about 12,500 devices, mostly in Ukraine and Russia, demanding a $300 ransom from the infected device’s owner. Although this new attack is fascinating, we noticed that the associated stories quickly got out of hand.

April 26, 2017

A Bank VaultBeyond securing the infrastructure, how can one defend their applications against hackers? The answer is: the proper design of the application’s source code. There you have it: application security. Read more...

March 22, 2017

In this blog post, a new approach to help scanning for deserialization bugs with DNS exfiltration is presented. Along with the explanations, a scanning tool is released that could help both the defensive and the auditing teams in your enterprise.