Breaking TA505’s Crypter with an SMT Solver
TA505 threat group use a crypter common to Clop/CryptoMix ransomware and others. We tear it down with a new unpacker utilizing SMT.
Read More
Revealing the Trick | A Deep Dive into TrickLoader Obfuscation
TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function.
Read More
DPRK Hidden Cobra Update: North Korean Malicious Cyber Activity
New threat intelligence on the ever-expanding toolset of North Korean APT Hidden Cobra (Lazarus) including IoCs for RATs, beacons, persistence and more.
Read More
Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting
Read how the Gamaredon group wages a silent cyber war against the Ukraine even when all other domains are denied by the strategic or political framework.
Read More
New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware
The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest.
Read More
Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
SentinelLabs developed mock command-and-control panels to allow the institutions to utilize them for testing detections related to “PowerTrick”
Read More
Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT
The Wind of Time Shakes the Underground | High-Tech Cybercrime & APT | Most Sophisticated & Resourceful Crimeware Group
Read More
Privilege Escalation | macOS Malware & The Path to Root Part 1
Researchers invest huge amounts of effort to uncover privilege escalations and develop exploits. What can we learn about macOS security from their work?
Read More
How AdLoad macOS Malware Continues to Adapt & Evade
AdLoad adware evades Apple’s built-in protections, installs man-in-the-middle proxy & multiple persistence agents to thwart removal. Here’s how to fight it.
Read More
How TrickBot Malware Hooking Engine Targets Windows 10 Browsers
Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10
Read More