Yes, we did it again. We played against the best teams in the world at the 24th DEFCON CTF Finals in Las Vegas. However, it was not as easy as it seems to be.
This year was fairly different from any previous year. For the first time in human history, teams had to play […]
Yeah yeah yeah yeah yeah
Yeah yeah yeah yeah yeah yeah
We think we did it again
We made you believe it’s more than just luck
One year ago, we were proud to announce that the CTF team of the CrySyS Lab qualified for the DEFCON CTF Finals, which is […]
Stuxnet is well-known in the IT security community. Its fame stems from the facts that it targeted a very specific industrial facility, it aimed at physical destruction, and it apparently accomplished its mission successfully. In addition to all these characteristics, IT security experts also appreciate its technical sophistication and the zero-day exploits that it used. […]
DEFCON CTF in Las Vegas – 07 Aug 2015
Our CTF team, !SpamAndHex, qualified for the DEFCON CTF 2015 finals in Las Vegas. The competition is scheduled to start on August 7 and lasts for 3 days.
We are really proud of having achieved this for the first time in our history. There are many […]
Stuxnet is probably the most well-known malware of our times. Its fame stems from the facts that it targeted a very specific industrial facility, namely a uranium enrichment plant in Iran, it aimed at physical destruction of uranium centrifuges, and it apparently accomplished its mission successfully. In addition to all these characteristics, IT security experts […]
As we promised in our previous blog post, we are releasing BAB0, the test sample that bypassed all 5 anti-APT products that we tested earlier this year.
BAB0 is written in C++, and it has a server side written in PHP. BAB0 is downloaded by the victim as part of an HTML page, […]
New anti-APT tools are no silver bullets:
An independent test of APT attack detection appliances
CrySyS Lab, BME http://www.crysys.hu/
November 26, 2014.
The term Advanced Persistent Threat (APT) refers to a potential attacker that has the capability and the intent to carry out advanced attacks against specific high profile targets in […]
Together with international partners, we have investigated the Turla/Uroburos/Snake related Epic/Wipbot/TavDig/Worldcupsec operations and their command and control server infrastructure. Although hundreds of servers related to the threats were discovered by the community, most of them were no longer alive at the time of the analysis. We tried to obtain as much information as possible on the […]
*UPDATE: fixed 4 hashes – 1 character was missing
*UPDATE: 93deb98d89b8acfa4115ce1ca89ac26a45aae4563c3a454bf8b2a26886f40a46 most likely is a False Positive (FP) and not evil
*UPDATE: 8290b324f5cdb5c3ea17fa48a74bc11c856f0da0b049d07d9316d161f71f26a5 is old miniduke sample from 2013
In February 2013, we conducted research together with Kaspersky Lab on a malware campaign called MiniDuke. The research on the threat has not stopped. In […]