Results for threat analysis

Threat Research

CVE-2020-0796 Memory Corruption Vulnerability in Windows 10 SMB Server

Microsoft recently released a patch for CVE-2020-0796, a critical SMB server vulnerability that affects Windows 10. In this blog post, we attempt to explain the root cause of the CVE-2020-0796 vulnerability and protections customers can apply.

By Yijie Wang | March 12, 2020

Threat Research

What's cooking? Dridex’s New and Undiscovered Recipes

Because of the recent outbreak of the Locky ransomware, Dridex has become synonymous with the distribution of ransomware more generally. However, Dridex is still taking good care of its notorious original business – banking Trojans. While preparing the materials for my upcoming HITBAMS2016 talk on Kernel Exploit hunting and mitigation, I came across this new variant of Dridex (SHA1: 455817A04F9D0A7094038D006518C85BE3892C99), which is rather interesting.

The Master of Antivirus Killers

Based on some simple string checks, we assumed...

By Wayne Chin Yick Low | March 23, 2016