We have discovered a new malware addressed to the Vietnamese government sent via email. Discover all the details in the full report.
News & Events
Investigation reports on Security Failures
Our objective is to go one step ahead of the attackers. At ElevenPaths we believe in securing the future, based on a labor of through research. For this reason, we continuously assess the current state of security from our Lab area, perfectly coordinated with our intelligence analysts – a feature that must be always present in technology.
Here you will discover from our experts about new security failures and attack methods, as well as get some piece of advice to safely browse in the Internet.
Rock Appround the Clock: Traking Malware developers by Android “AAPT” Time Zone Disclosure Bug… and Other Hour-related Tricks
Know the research that we presented last DefCOn about taking advantage of this kind of “time zone” bugs for tracking Android malware developers.
We have spotted an enhanced Brazilian banking trojan, through using a new technique to bypass the SmartScreen reputation system and avoid detection in Windows.
Our presentation in the Black Hat: Breaking Out HSTS (and HPKP) on Firefox, IE/Edge and (possibly) Chrome
As a side effect of the investigation in HSTS, HPKP, certificate pinning and TLS technologies, we have found some interesting weaknesses in the way in which Firefox, Chrome and IE/Edge implement both of these mechanisms: HSTS and HPKP.
What would you expect to find in the computers, which belong to terrorist groups? Read the second part of the post about Bin Laden hard drives.
What would you expect to find in the computers, which belong to terrorist groups? On 2017 the CIA made public materials; these were recovered from a raid which took place on 2nd May 2011 at Bin Laden’s complex and we
In this discover, we identify a peculiar (at times paranoid) story of a chain of text which turned out to be interestingly, a network signature of malicious traffic.
We discover that the WannaCry ransomware author likes footbal, is not ambitious and writes in Korean language on Word. All the details of the investigation here.
ElevenPaths’ discover, together with Kaspersky, uncovers several malicious applications on Google Play
Discover how the latest fraudulent apps campaigns on Google Play that subscribes users to special rate numbers are operating.
Did you know that traditional security solutions are not enough to tackle samples which are very fresh and which could be related to targeted attacks? Download our latest research and find out more information!
One of the main challenges for an attacker is always the gathering of information concerning the victims computer while keeping a low profile so the attacker cannot be found or traced while doing it or anytime later.
Did you know that malware samples that use email services as covert channels for data exfiltration are becoming part of advanced persistent attacks?
Did you know that Gmail is being used as C&C to exfiltrate corporate information?
Did you know that browsing through Tor is not enough to guarantee anonymity? At ElevenPaths we found out that some gateways linked to the contents of the TOR network may disclose your identity.