As mentioned in our previous1 report about VPNFilter malware, the rst stage implant relies on connecting either to one of 12 hardcoded Photobucket URLs or the Toknowall website to fetch an image that had been specially crafted to contain an encoded form of the command-and-control server’s IP address. The stage one sample extracts the address from the image’s EXIF metadata.

A technical investigation of the malicious components involved in the attack that infected over 500,000 routers and network storage devices

Cyber thieves are using aggressive ad platforms more and more to monetize free Android apps. The number of such apps in this disturbing trend finding their way into Google Play continues to grow every day. Find out more about these dangerous apps and what you can do to avoid them.

On the surface, it looked like a helpful toolbox app. But Super Clean Plus hid malicious intentions.

So what exactly is an adversarial autoencoder, and why might you want to use one? They are a clever idea leading to a flexible and general framework for a lot of interesting tasks. Take a deeper dive into AAEs in this paper.

As the year 2016 began, a ransomware threat appeared that attacked its victims unlike any previous ransomware attack. SamSam, named after the filename of the earliest sample we uncovered, uses a brutally minimalist, manual approach to target and compromise victims.