AcidRain | A Modem Wiper Rains Down on Europe
As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.
Read More
Pwning Microsoft Azure Defender for IoT | Multiple Flaws Allow Remote Code Execution for All
As if IoT & OT aren't hard enough to defend, we dive into five critical vulnerabilities in Microsoft Defender for IoT that leave the door wide open.
Read More
Chinese Threat Actor Scarab Targeting Ukraine
Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.
Read More
The Art and Science of macOS Malware Hunting with radare2 | Leveraging Xrefs, YARA and Zignatures
In the next part of our series on reversing macOS malware, we dig into identifying reused code across malware samples for hunting and detection.
Read More
Another Brick in the Wall: Uncovering SMM Vulnerabilities in HP Firmware
How we used Brick to discover six different vulnerabilities affecting HP laptops' firmware
Read More
Zen and the Art of SMM Bug Hunting | Finding, Mitigating and Detecting UEFI Vulnerabilities
In Part 5 of our ongoing series on UEFI security research, we dive into the fascinating world of hunting and exploiting SMM vulnerabilities.
Read More
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine
A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCS and hunting rules.
Read More
Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp
What really happened to Evil Corp after the OFAC sanctions? Did they cut and run, or are they still operating with impunity?
Read More
Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon
Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services.
Read More
ModifiedElephant APT and a Decade of Fabricating Evidence
A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.
Read More