Generative AI Assistant Makes Hunting Threats Faster
Credit to Author: Shannon Murphy| Date: Tue, 20 Jun 2023 00:00:00 +0000
Learn how analysts can search for threats with greater accuracy, speed, and effectiveness.
Read MoreRSS Reader for Computer Security Articles
Credit to Author: Shannon Murphy| Date: Tue, 20 Jun 2023 00:00:00 +0000
Learn how analysts can search for threats with greater accuracy, speed, and effectiveness.
Read MoreCredit to Author: Peter Girnus| Date: Tue, 20 Jun 2023 00:00:00 +0000
This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators.
Read MoreCredit to Author: Peter Girnus| Date: Fri, 09 Jun 2023 00:00:00 +0000
We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities.
Read MoreCredit to Author: Nitesh Surana| Date: Fri, 19 May 2023 00:00:00 +0000
This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities.
Read MoreCredit to Author: Fyodor Yarochkin| Date: Wed, 17 May 2023 00:00:00 +0000
An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.
Read MoreCredit to Author: Sunil Bharti| Date: Tue, 16 May 2023 00:00:00 +0000
We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability.
Read MoreCredit to Author: Alfredo Oliveira| Date: Wed, 26 Apr 2023 00:00:00 +0000
We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads.
Read MoreCredit to Author: Don Ovid Ladores| Date: Mon, 24 Apr 2023 00:00:00 +0000
We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious. We also noted more sophisticated encryption and basic anti-analysis techniques, such as byte remapping and web browser communication blocking.
Read More