Month: May 2016


Ransomware IOCs and Trends in Late 2015 and Early 2016

Ransomware continues to evolve and there are many articles online that detail its continual changes. For that reason I won’t be rehashing all the evolutionary changes of ransomware. Instead this post seeks to point out some of the key trends in 2015 and 2016, as well as give analysts extra resources that will hopefully help ...


Update for the EITest Gate

I’ve been following the EITest campaign for a couple months now and I have just recently noticed something different in the traffic. The threat actors are still using compromised sites by injecting them with the same EITest script:   The EITest script above causes the host to retrieve a Flash file from EITest gate. However, ...