How a research project at Fox-IT enhances your security career

Internships are a great way to assess a student’s capabilities, Fox-IT is always looking for talented individuals, that have proven that they have what it takes to be 'a foxer'. At Fox-IT we hold our colleagues to the highest (technical) knowledge standard. If everyone is held to this high standard, we can insure the quality … Continue reading How a research project at Fox-IT enhances your security career →

Seen in the wild: Updated Exploit Kits

In early March, after one of our network sensors flagged an incident at one of our customers, we noticed some traffic going to a rather suspicious .biz domain. When looking into the details of this domain, we found it to be registered to a guy named "Lukas Vask". When doing a reverse whois on just the … Continue reading Seen in the wild: Updated Exploit Kits →

Writeup on nbc.com distributing Citadel malware

Every now and then, an incident occurs in the SOC (Security Operation Center) that really captures everyone involved's imagination. NBC's websites getting hacked, is just one case, in point. At 16:43 CET, this afternoon we noticed that the NBC.com website links to the redkit exploit kit that is spreading Citadel malware, targeting US financials institutions. This version of … Continue reading Writeup on nbc.com distributing Citadel malware →

Oracle getting serious about Java

Recently, Oracle released new a version of Java with a difference. Java/1.7.0_13 is the latest version. Its increased the default security from ‘Medium’ to ‘High’, which restricts execution of unsigned applets. It also introduced a new warning to people executing Java code which checks if Java is using the latest version. You might notice the … Continue reading Oracle getting serious about Java →