Flashback OS X Malware
This report was originally presented and published at VB2012.
In 2011, we saw OS X come under siege by several malware families. Towards the end of the year, we saw new families or variants appear almost every week, where each was more sophisticated than the last. At the forefront of these developments was the Flashback malware.
It's Signed, therefore it's Clean, right?
This document was originally presented at CARO 2010
This presentation discusses Authenticode signing, its usage by developers (particularly in the antivirus industry) and ways that code signing can be abused in order to spread malware and allow it to install