placement for flash
Skip Navigation Links Home > Products > eSafe > Attack Intelligence Research Center > AIRC Publications

AIRC Publications

 
AIRC May Report PDF

In this month's threat report we will examine an incident of a Web attack which we discovered while routinely checking the AID's (Attack Intelligence Datacenter) records. Once again, a legitimate website appears to have been compromised in order to serve malicious content to its unsuspecting visitors. Our interest was sparked by the Neobit.org website belonging to a company with that name, offering security dongle emulators, which appeared on our AID system. Upon realizing that – ironically – Neobit offers substitute software which copies SafeNet and Aladdin hardware keys, we were motivated to investigate further. NeoBit presents itself as a company "that specializes in making software copies of hardware keys (dongles)... [they] offer dongle emulators for SafeNet (Rainbow) Sentinel dongles and Aladdin HASP and Hardlock dongles as reliable insurance against possible problems".

A Holiday Mix PDF

In this month's threat report we'll take a look at what the holiday season has brought us in terms of Web security. Interestingly enough, and just as we predicted, a lot of "relevant" attacks showed up in the past month or so – from holiday greetings to sites that cater for current news (be it Natasha Richardson's premature departure, March-madness related sites, Conficker/Downadup "removal" tools towards April, and even the Boyle effect started to be noticed later in April). All these attacks were riddled with an assortment of MalWeb and the resulting Trojans that are installed upon successful exploitation.

NUKE SPLOITS P4CK PDF

In this month's threat report, we investigate an exploitation kit discovered and tracked through our AID (Attack Intelligence Datacenter) system. This attack was discovered when an entry in our AID, named JS.Shellcode.b, caught our attention.

Flash gets a boost, AID is introduced PDF

In this month's threat report we focus on an attack that has been discovered and tracked through our AID (Attack Intelligence Datacenter) system, which incorporates the classic Malweb techniques in an Adobe Flash format. This adoption of the Flash format for attacks renders the malicious code almost undetectable by traditional means, and exemplifies the need for deeper inspection through methods that are capable of handling Web 2.0.

AIRC Annual Threat Report: 2008 Overview and 2009 Predictions PDF

The Aladdin Annual Threat Report is a compilation of research and trend analysis provided by the Aladdin Attack Intelligence Center (AIRC). This report provides an overview of threats discovered in 2008 along with insights and predictions for the threat evolution in 2009.

Through the Looking Glass: Predicting the Next Moves of a Criminal Server PDF

In this AIRC Threat Report, we are uncovering what is likely one of the largest single criminal servers used to conduct an eCrime attack. Through this new discovery, we have identified the means to not just manage the threat, but to predict and preempt eCrime on the Web.

MalWeb Evolution and Predictions PDF

"Web security" has been struggling for a long time with its own definition. Traditionally, "Web security" referred to the securing of websites, as attackers would try to break into a site by exploiting the logic of the application running on the site, or its infrastructure (the Web server).These days, with the decline in the amount of Web application vulnerabilities and the rise in client targeted attacks carried over the Internet, the definition of Web security has changed.

MalWeb Continues to Make Waves on Legitimate Sites PDF

Following up on some recent attacks, the AIRC team wanted to see how the Web "looks" these days in terms of lessons learned, and the impact that MalWeb has on the average user. In completely subjective research, we hit our browsers in an attempt to emulate a benign business user and see how we would fare finding MalWeb-infested sites....

How much IS a picture worth? PDF

How criminals are operating behind the scenes of web security and SPAM operations. During our recent research activities, we have come across some interesting incidents that involve celebrities, herders, and a common desire for money...

 

 
 
© Aladdin Knowledge Systems Ltd. 1985-2010. All rights reserved.