Labs

Privilege Escalation   MacOS Malware The Path To Root Part 1 1

Privilege Escalation | macOS Malware & The Path to Root Part 1

Researchers invest huge amounts of effort to uncover privilege escalations and develop exploits. What can we learn about macOS security from their work?

Read More
AdLoad MacOS Malware   How It Continues To Adapt Evade 1

How AdLoad macOS Malware Continues to Adapt & Evade

AdLoad adware evades Apple’s built-in protections, installs man-in-the-middle proxy & multiple persistence agents to thwart removal. Here’s how to fight it.

Read More
How TrickBot Hooking Engine Targets Windows 10 Browsers 5

How TrickBot Malware Hooking Engine Targets Windows 10 Browsers

Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10

Read More
Writing Malware Traffic Decrypters For ISFB Ursnif 3 1

Writing Malware Traffic Decrypters for ISFB/Ursnif

Daniel Bunce explains how to decrypt traffic between an attacker’s C2 and an endpoint infected with ISFB malware

Read More
Writing Malware Configuration Extractors For ISFB Ursnif 3

Writing Malware Configuration Extractors for ISFB/Ursnif

Daniel Bunce demonstrating automated IOC extraction using a python script and an example of ISFB/Ursnif malware.

Read More
From Office Macro Malware To Lightweight JS Loader 10 1

Deep Insight into “FIN7” Malware Chain: From Office Macro Malware to Lightweight JS Loader

Vitali Kremez dissecting the ‘Fin7’ malware chain that leverages malicious MS Office Macros and a JS loader.

Read More
INFO STEALERS   HOW MALWARE HACKS PRIVATE USER DATA 1

Info Stealers | How Malware Hacks Private User Data

Continuing our free Zero2Hero malware reverse engineering course, Daniel Bunce dives into the details of KPot, Vidar & Raccoon Info Stealers.

Read More
Detecting MacOS.GMERA Malware Through Behavioral Inspection 1

Detecting macOS.GMERA Malware Through Behavioral Inspection

New malware hits macOS with well-worn techniques. Can behavioral detection prevent attacks that evade legacy AV and built-in Apple security?

Read More
Trickbot Update  Brief Analysis Of A Recent Trickbot Payload 1

Trickbot Update: Brief Analysis of a Recent Trickbot Payload

In many ways, Trickbot parallels the evolution of contemporary threats (such as #Emotet) via its modular and expandable architecture. We took it for a test

Read More
FIN6 “FrameworkPOS”  Point Of Sale Malware Analysis Internals 1

FIN6 “FrameworkPOS”: Point-of-Sale Malware Analysis & Internals

Vitali Kremez diving into the FIN6 “FrameworkPOS”, targeting payment card data from Point-of-Sale (POS) or eCommerce systems.

Read More