How your VPN can be a front door access to your system
TL;DR: double-check your local software firewall settings while using a commercial VPN! Introduction VPNs are used by different people for different purposes. Some use it …

How companies can stop most RAT attacks – spoiler alert, enforce HTTP proxy
RATs (Remote Admin Tools, a.k.a. Remote Access Trojans) are mainly used by two groups: script kiddies and nation-state attackers. Script kiddies love RATs because of …

Generic bypass of next-gen intrusion / threat / breach detection systems
The focus of this blog post is to bypass network monitoring tools, e.g. good-old IDS or next-generation threat detection systems in a generic way. The focus is …

Stop using Virustotal to measure how AV sucks!
We recently came across an article which is, again, FUD about how AV sucks. VirusTotal wrote about this years ago. Although we …

The many fails of Internet Security Suites
This blog post is a follow-up post on our quarterly Online Banking Certification project. During our Q3 tests – especially the Botnet test – we have witnessed …

New anti-APT tools are no silver bullets: An independent test of APT attack detection appliances
CrySyS Lab, BME (http://www.crysys.hu/), MRG-Effitas (https://www.mrg-effitas.com/), November 26, 2014. The …

Bypass hardware firewalls – DEF CON 22
This is a follow-up post in connection with my DEF CON 22 presentation. TL;DR: attackers having admin privileges on Linux/Windows systems can mess with the …

How deep is the rabbit hole? A tale about exploit kits and layers of obfuscation
We at MRG are always amazed at how much work malware writers and operators put into obfuscating their code and keeping everything under the radar. This story …