Browser extensions: Hidden behind good, can be very bad

Visitinga website is a standard task for any user that uses the internet. The primary tool for viewing or visiting a website is called a web browser. A web browser allows web pages to render and…


All your passwords are belong to us

The compromise and leak of people’s passwords has become so prevalent and frequent that it is almost accepted as a normal fact of life. Recently the disclosure of a Twitter password bug that allows…


How botnets are built on mass CMS exploitation

Recent public disclosures related to very popular open-source content management systems have shed some light into the cybercrime underground’s drive for obtaining access to infrastructure that can…


Rig Exploit Kit delivering ransomware via Adobe Flash exploit (CVE-2018-4878)

Exploit kits are very efficient tools used in the cybercrime underground. These frameworks are packed with a number of exploits and mechanisms to detect vulnerabilities in systems/applications and…


Drupalgeddon2

A new vulnerability affecting the popular content management system (CMS) framework Drupal has been announced. This vulnerability is said to affect over 1 Million websites.  The vulnerability has…


New Samba Vulnerabilities

The importance of behavioral multi-contextual threat detection A new set of vulnerabilities found in the SAMBA service protocol highlight the need for approaches that go beyond the simple use of…


Domain Hijacking Impersonation Campaigns

A number of domain “forgeries” or tricky, translated look-alikes have been observed recently. These attack campaigns cleverly abuse International Domain Names (IDN) which, once translated into ASCII…


Cryptocoin Mining Attack Vectors Reshaping the Threatscape

The rise in value of cryptocurrencies is driving malicious actors to implement payloads that allow the use of CPU/GPU of compromised hosts in order to mine cryptocurrency.  The process of mining is…


Introducing CHIRON: A Case for Home Network Monitoring and Defense

Chiron is an innovative solution developed by JASK’s Director of Security Research, Rod Soto, and Director of Data Science, Joseph Zadeh.  While JASK fully supports our team’s innovation, CHIRON is…


Meltdown - The mirror in the CPU

A new series of vulnerabilities have been disclosed (CVE-2017-5753/5715/5754) affecting the most popular computer processors, and leaving millions of devices exposed to exploitation. These…