Most new articles on high profile cyberattacks call these attacks sophisticated, but are they really? At the RSA 2015 conference a few days ago, researchers Ira Winkler and Araceli Treu Gomes, wrote ‘the Irari rules for declaring a cyberattack sophisticated’. The summary article can be found here, and the conference slide pack here. The main message is … Continue reading What makes malware “sophisticated”?
Month: April 2015
Malware Steganography
6 years ago (yikes!) I wrote about image steganography as a concept. At the moment there are a couple of pieces of malware that use steganography, such as Vawtrak (aka Neverquest) and ZeuS, to hide the command and control servers (C&C) or configuration files in images. This means that the malware does not need to contain a … Continue reading Malware Steganography