SophosLabs

@SophosLabs

A global network of highly skilled analysts, protecting customers from known and emerging malware, ransomware, exploits, and evildoers everywhere

Global
Joined: October 2008.

Tweets

  1. Pinned Tweet
    27 Jan

    How can the CVE-2020-0601 (Chain of Fools and Curveball) vulnerability be abused? Our PoC video shows you how the vulnerability can be used to fool crypt32 into believing a certificate has been signed by a trusted root certificate authority when it hasn’t.

  2. 31 Jan

    The SophosLabs Offensive Security team answers your questions on how to mitigate the CVE-2020-0601 (aka Chain of Fools and Curveball) vulnerability in the latest SophosLabs Uncut article. See the article here:

  3. Retweeted
    29 Jan

    2\ I've put a PoC powershell logistic regression rule up at the github link. Idea here is by Yara-ifing ML we make ML more transparent--the ML logic is right there in the text. And we allow blue teams to mix and match ML rules with signatures, and quickly swap in new models.

  4. 30 Jan

    There are two ways the CVE-2020-0601 (aka Chain of Fools and Curveball) vulnerability can be abused. See more in the article here:

  5. Retweeted
    29 Jan

    1\ I've written a little compiler to ship ML models as standalone Yara rules, and done proof of concept detectors for Mach-O, RTF files, and powershell scripts. So far I have decision trees, random forests, and logistic regression (LR) working.

  6. Retweeted
    30 Jan

    Large scale malware similarity visualization work by , myself, and others. We built a prototype set of analytics and accompanying GUI to accelerate malware analysis over many samples, and did a user study showing efficacy.

  7. 29 Jan

    The SophosLabs Offensive Security team is answering your questions on the CVE-2020-0601 (aka Chain of Fools and Curveball) vulnerability. Read the article here:

  8. 28 Jan

    To address the many questions we’ve received over the past week, we’ve done a question and answer session with members of the SophosLabs Offensive Security team on the CVE-2020-0601 (aka Chain of Fools and Curveball) vulnerability. Read the article here:

  9. 27 Jan

    We're answering your questions about the CVE-2020-0601 (aka Chain of Fools and Curveball) vulnerability in the latest SophosLabs Uncut article. Read the article here:

  10. Retweeted
    24 Jan

    (1/2) Latest work on malware description and file similarity via NN embeddings AI. TL;DR: train NNs to annotate malicious files with descriptive tags via joint embedding, and measure malware similarities in the resulting latent space.

  11. 20 Jan

    How can you spot apps? One way is to look for high install counts and suspiciously positive reviews... One-to-three word, five star reviews have a propensity to be “sockpuppet” reviews. Read the SophosLabs Uncut article here:

  12. 17 Jan

    More on : Confusing things even further, some of the apps prompt users to pay for a monthly subscription rate on one screen, and a much different, weekly rate on another screen. Read the SophosLabs Uncut article here:

  13. 16 Jan

    charges excessive amounts of money for apps if users don’t cancel a “subscription” before the short free trial window closes. The app below displays daily horoscopes for $69.99 a week, which adds up to an annual price of $3,639.48 More:

  14. Retweeted
    15 Jan

    This goes to show that the "Verified by Play Protect" and the shield next to it is just an opinion and not a guarantee. Just because an app is on the official app store doesn't mean it's safe to install.

  15. Retweeted
    15 Jan

    None of my payment cards are contactless. For those who have 2 or more of them, do you keep them both in your wallet, and if so, what happens when you try to pay by waving your wallet at the RFID reader at point-of-sale? Does one card preferentially get used?

  16. Retweeted
    16 Jan
  17. 15 Jan

    On : The total number of installations of these apps, as reported on Google’s own Play pages, is high: nearly 600 million in total, across fewer than 25 apps. Read the SophosLabs Uncut article here:

  18. Retweeted
    14 Jan

    This is just tip of iceberg, there are many more subscription scam apps, for ex: just aging/face scan theme has following on play store

  19. Retweeted
    14 Jan

    The latest from : "Fleeceware remains a problem on Google Play, where Android users still run the risk of being charged hundreds of dollars or euros for “subscriptions” to apps"

  20. Retweeted
    14 Jan

    NEW research: Since we first reported on the Fleeceware phenomenon back in September, we've seen many more Fleeceware apps appear on the official Android app store... Read the SophosLabs Uncut article here:
