Brian Wallace presents tool to optimize ssDeep comparisons.
Malware rarely comes as a single file, and to avoid having to analyse each sample in a set individually, a fuzzy hashing tool like ssDeep can tell a researcher whether two files are very similar or not similar at all.
When working with a large set of samples, though, the number of comparisons (which grows quadratically with the set size) can quickly become extremely large. To make this task more manageable, Cylance researcher Brian Wallace devised an optimization to ssDeep comparisons.
This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'.
While, today, spam is a problem that is generally very well mitigated, 12 years ago it was a subject of growing concern and was becoming of increasing interest to the AV industry, with a veritable stampede of AV vendors rushing to bring anti-spam solutions to market alongside their anti-virus products.
With volumes of unsolicited email growing almost by the day, there was great interest in the ways in which users were affected by it, so in November 2003, VB decided to launch the 'VB Spam Supplement', a section of Virus Bulletin magazine that would be dedicated to news and articles on spam and anti-spam techniques.
Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit.
Exploit kits are a serious plague on the Internet, made worse by the fact that the online advertisement ecosystem allows cybercriminals to run their malicious code on many websites. The kits are studied extensively by security researchers, who attempt to follow their development as the kits' authors try to evade detection.
Today, we publish a paper by Aditya K. Sood (Elastica) and Rohit Bansal (SecNiche Security Labs), who look at another side of an exploit kit: the interface used by the malware authors who rely on exploit kits to get their malware installed on victims' machines.
This Throwback Thursday, we turn the clock back to March 2000, when DDoS attacks were a newly emerging menace.
Today, DDoS attacks are a well-known form of cyber abuse — indeed, even this week, Swiss encrypted webmail provider ProtonMail has been the target of a sustained DDoS attack.
In early 2000, however, DDoS attacks were far from common (even though the concept had been around for some time), so when, in February 2000, some of the Internet's largest websites including CNN, MSN, Yahoo and others were disrupted by DDoS attacks, the media went into overdrive with the story, describing 'cyber-attacks batter[ing] web heavyweights'.