Discovering Hidden Twitter Amplification

April 3, 2019

Discovering Hidden Twitter Amplification 2019-04-03 As part of the Horizon 2020 SHERPA project, I’ve been studying adversarial attacks against smart information systems (systems that utilize a combination of big data and machine learning). Social networks fall into this category – they’re powered by recommendation algorithms (often based on machine learning techniques) that process large amounts of data in order to display relevant information to users. As such, I’ve been trying…

Read More >>

Mira Ransomware Decryptor

April 1, 2019

Mira Ransomware Decryptor 2019-04-01 We investigated some recent Ransomware called Mira (Trojan:W32/Ransomware.AN) in order to check if it’s feasible to decrypt the encrypted files. Most often, decryption can be very challenging because of missing keys that are needed for decryption. However, in the case of Mira ransomware, it appends all information required to decrypt an encrypted file into the encrypted file itself. Encryption Process The ransomware first initializes a new…

Read More >>

A Hammer Lurking In The Shadows

March 29, 2019

A Hammer Lurking In The Shadows 2019-03-29 And then there was ShadowHammer, the supply chain attack on the ASUS Live Update Utility between June and November 2018, which was discovered by Kaspersky earlier this year, and made public a few days ago. In short, this is how the trojanized Setup.exe works: An executable embedded in the Resources section has been overwritten by the first-stage payload. The program logic has been…

Read More >>

Analysis of LockerGoga Ransomware

March 27, 2019

Analysis of LockerGoga Ransomware 2019-03-27 We recently observed a new ransomware variant (which our products detect as Trojan.TR/LockerGoga.qnfzd) circulating in the wild. In this post, we’ll provide some technical details of the new variant’s functionalities, as well as some Indicators of Compromise (IOCs). Overview Compared to other ransomware variants that use Window’s CRT library functions, this new variant relies heavily on the less commonly used Boost library. For example, instead…

Read More >>

Analysis Of Brexit-Centric Twitter Activity

March 12, 2019

This is a rather long blog post, so we’ve created a PDF for you to download, if you’d like to read it offline. You can download that from here. Executive Summary This report explores Brexit-related Twitter activity occurring between December 4, 2018 and February 13, 2019. Using the standard Twitter API, researchers collected approximately 24 million tweets that matched the word “brexit” published by 1.65 million users. A node-edge graph…

Read More >>

Why Social Network Analysis Is Important

February 21, 2019

I got into social network analysis purely for nerdy reasons – I wanted to write some code in my free time, and python modules that wrap Twitter’s API (such as tweepy) allowed me to do simple things with just a few lines of code. I started off with toy tasks, (like mapping the time of day that @realDonaldTrump tweets) and then moved onto creating tools to fetch and process streaming…

Read More >>

Phishing Campaign targeting French Industry

November 26, 2018

We have recently observed an ongoing phishing campaign targeting the French industry. Among these targets are organizations involved in chemical manufacturing, aviation, automotive, banking, industry software providers, and IT service providers. Beginning October 2018, we have seen multiple phishing emails which follow a similar pattern, similar indicators, and obfuscation with quick evolution over the course of the campaign. This post will give a quick look into how the campaign has…

Read More >>

Ethics In Artificial Intelligence: Introducing The SHERPA Consortium

November 22, 2018

In May of this year, Horizon 2020 SHERPA project activities kicked off with a meeting in Brussels. F-Secure is a partner in the SHERPA consortium – a group consisting of 11 members from six European countries – whose mission is to understand how the combination of artificial intelligence and big data analytics will impact ethics and human rights issues today, and in the future (https://www.project-sherpa.eu/). As part of this project,…

Read More >>