Labs

Cybercrime   Banload  Banking Malware Implements New Techniques For Fraud 1

RIG Exploit Kit Chain Internals

Vitali Kremez explaining the RIG Exploit Kit and the infection chain internals that led to the Amadey Stealer and Clipboard Hijacker.

Read More
Gootkit Banking Trojan   Part 3  Retrieving The Final Payload 1

Gootkit Banking Trojan | Part 3: Retrieving the Final Payload

Gootkit’s final payload contains multiple Node.js scripts. Join Daniel Bunce as he reverse engineers the malware to take a deeper look at what it delivers.

Read More
MacOS Incident Response   Part 3  System Manipulation 1

macOS Incident Response | Part 3: System Manipulation

How can you detect system manipulations by malware, local or remote attackers on macOS? Find out in the final part of our series on macOS Incident Response.

Read More
Copy Of Copy Of Gootkit Banking Trojan   Deep Dive Into Anti Analysis Features 1

Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities

Reverse engineering Gootkit reveals tricks for persistence, self-updating and a kill switch. Join us as we continue our deep dive into this banking malware

Read More
MacOS Incident Response   Part 2  User Data Activity And Behavior 2

macOS Incident Response | Part 2: User Data, Activity and Behavior

What can we learn about user activity and behavior on a compromised Mac? Learn about the hidden and obfuscated data stores Apple use on the macOS platform.

Read More
MacOS Incident Response   Part 1  Collecting Device File System Data 1

macOS Incident Response | Part 1: Collecting Device, File & System Data

How should you investigate an infected Mac? Has there been lateral movement, data exfiltration, system manipulation? Learn macOS incident response here.

Read More
Gootkit Banking Trojan   Deep Dive Into Anti Analysis Features 1

Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features

Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!

Read More
Cybercrime   Banload  Banking Malware Implements New Techniques For Fraud 1

Cybercrime: Groups Behind “Banload” Banking Malware Implement New Techniques

Cybercriminals aren’t deterred by legacy AV. Learn how the gang behind “Banload” malware used a new kernel driver to remove popular anti-malware solutions.

Read More
Sebastian Unrau 47679 Unsplash 1

RobinHood Ransomware “CoolMaker” Functions Not So Cool

Robinhood Ransomware is attacking government institutions from Greenville to Baltimore. How does it work and how could you stop it? Find out here.

Read More
Lazarus APT Targets Mac Users With Poisoned Word Document 4 Scaled 1600x900

Lazarus APT Targets Mac Users with Poisoned Word Document

Threat actors have the know-how to develop campaigns that target your weakest link. Learn how Lazarus APT took their malware to Apple’s macOS platform.

Read More