-
Jan 28, 2023
Cyber security firm ESET has reported that Ukraine has been hit by a new cyber attack from Russia using a previously undocumented data wiper called SwiftSlicer. …
-
Jan 27, 2023
Cyber-security researchers at Palo Alto Networks’ Unit 42 have discovered a new variant of the PlugX malware that can infect connected USB removable media devices to spread to additional systems.…
-
Jan 25, 2023
Researchers at threat analytics firm Securonix have uncovered a new Python-based malware named PY#RATION, a remote access trojan (RAT) that gives its operators control over breached systems…
-
Jan 25, 2023
Static malware analysis is the process of analysing malware samples without executing them. In this post, I'd like to share my basic workflow for static malware analysis, with tools and techniques that can be used at each stage.…
-
Jan 22, 2023
A very short article that I think will be useful to DFIR colleagues. According to an article from Microsoft, after installing Windows 11 build 22H2, Windows events 4688 stopped working correctly.…
-
Jan 21, 2023
The Russian state-sponsored cyber espionage group known as Gamaredon has been found to be using the popular messaging app Telegram in its recent attacks against Ukraine. The group has been known to target Ukrainian entities since at least 2013.…
-
Jan 20, 2023
A critical RCE (remote code execution) vulnerability has been discovered impacting multiple services related to Microsoft Azure, potentially allowing a malicious actor to completely take control of a targeted application. The vulnerability was discovered by Israeli cloud infrastructure security firm…
-
Jan 19, 2023
A recent study by Cisco Talos has revealed that it is possible to identify relationships between different threat actors by analyzing the metadata of these malicious LNK files. This information includes the specific tools and techniques used by different groups…