To start, you’ll need your MetaDefender Cloud API key ready. You can sign up for MetaDefender’s free API key at opswat.com.  You can download the latest extension DLL and configuration file from our Github repo, consisting of MetaDefenderXTension.dll and mdconfig.txt. Save the DLL and the text file locally in the same folder you will remember.

Vulnerability scanners assist in the identification and detection of vulnerabilities arising from misconfigurations or insecure coding within a network-based asset, such as a firewall, router, web server, application server, etc. Modern vulnerability scanners are typically available as SaaS (Software as a service), provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ab...

One of the latest trends in penetration testing and malware development is to weaponize the so-called Living Off the Land Binaries and Scripts (LOLBAS), i.e. scripts and binaries normally installed by default in Microsoft Windows. Attackers and pen testers have long relied on LOLBAS techniques, but there seems to be a resurgence of interest. Some built-in Windows binaries may support functionalities potentially allowing for co...

As we all learn to deal with this new, temporary norm, we must not sacrifice our convictions for strong cybersecurity. Hackers are currently taking advantage of the overnight vulnerability of panic and impulse decision making that arose with the novel coronavirus. By being proactive and thoughtful in our decision making, organizations and individuals can and will rise above this challenge. Although it can seem daunting during...

Today’s malware authors and exploit developers have automated methods of obfuscating their software, When these techniques are combined with other techniques (such as encryption and packers), they make automated and manual analysis very difficult. Static detection and blacklisting signatures are highly ineffective. YARA rules based on static signatures of assembly instructions can be easily circumvented by a tool like O-LLVM....

However, sometimes the answer to this question cannot be so clear-cut. Much depends on how valuable the information being held for ransom is for the organization and on how much downtime an organization can afford.

The executive’s laptop had the very latest version of a cloud-based, next-generation antivirus endpoint detection and response software, which is likely very good at stopping the majority of attacks and threats his organization might face. Unfortunately, these systems still rely on signatures and known TTPs (tactics, techniques, and procedures) to protect the user and even heuristics will not guarantee detection.

To sniff Wi-Fi, we use Alfa USB Wi-Fi adapter which connects to laptop via USB. For longer range sniffing, the 16 dBi Yagi antenna can be connected to the Wi-Fi adapter, and then to the laptop.

Today, much of the malware still operates via the same concept of infecting machines and spreading throughout networks. Due to this, it only makes sense to approach malware at its genetic level in order to find relationships, origins, and leads that may aid in investigations of malware and threat actors, and add value to organizations that are trying to defend against various types of threats. Polito has tested a tool called I...

Speakers at the event were CEOs and Managing Directors from companies such as, Accenture Federal Services, RunSafe Security, George Mason University, and the Sovrin Foundation. Starting us off, Ira A. (Gus) Hunt, Managing Director and Cyber Strategy Lead of Accenture, covered an interesting topic of Cyber Resilience and how there is no such thing as absolute security. He asserted that it is the job of each Cyber Security compa...