javascript

February 18, 2019

THREAT RESEARCH

JavaScript bridge makes malware analysis with WinDbg easier

1 min read

As malware researchers, we spend several days a week debugging malware in order to learn more about it. For that, we have several powerful and popular user mode tools to...

August 9, 2017

THREAT RESEARCH

WinDBG and JavaScript Analysis

1 min read

This blog was authored by Paul Rascagneres. Introduction JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use WinDBG to analyse .js files. In this post we extend our description of […]

A supercomputer in your browser

1 min read

Cisco is pleased to announce the “Supercomputer in your browser” (SiYB) project, designed to bring the rich High Performance Computing (HPC) ecosystem to the world’s most popular software: web browsers. The free SiYB software is a web browser plugin that is easily installed on any desktop or laptop computer running Windows, OS X, or Linux. “I’ve […]

May 19, 2014

SECURITY

Angling for Silverlight Exploits

6 min read

This post is co-authored by Andrew Tsonchev, Jaeson Schultz, Alex Chiu, Seth Hanford, Craig Williams, Steven Poulson, and Joel Esler. Special thanks to co-author Brandon Stultz for the exploit reverse engineering.  Silverlight exploits are the drive-by flavor of the month. Exploit Kit (EK) owners are adding Silverlight to their update releases, and since April 23rd we have […]

August 23, 2013

SECURITY

Crumbling to the Cookiebomb

2 min read

Recently we have seen a spate of government websites hosting malicious Cookiebomb JavaScript. We have observed URLs with the top level domains such as ‘.gov.uk’, ‘.gov.tr’, ‘.gov.pl’ and the website of a middle eastern embassy in the US become compromised and expose visitors to malware infection. For malicious actors, highly reputable websites are a valuable […]