Researchers from Cyble Research and Intelligence Labs (CRIL) have uncovered a targeted spear phishing attack on a prominent Russian semiconductor supplier.
The threat actors behind this atta… Read More
Code injection
Code injection is a way to transfer your payload from one process to another. In order for Payload Injection to work, the memory buffer needs to be at least the size of the she… Read More
Not even the sky is the limit when it comes to cyberattacks. Now, North Korean hackers from the Lazarus group have breached an aerospace company with new malware, LightlessCan… Read More
In a recent discovery, cybersecurity experts have unveiled an advanced backdoor known as Deadglyph, previously undocumented and attributed to the threat actor Stealth Falcon.
One notable… Read More
Karol Mazurek, System Weakness
This walkthrough refers to the methodology described here. It will be: There is 18B + 9B space split by 4 Bytes for the EIP register… Read More
The Russian-speaking ransomware gang continues to update its tactics while managing to steal highly sensitive information from its victims. Researchers have uncovered fresh malware samp… Read More
Can AI replace human jobs?
AI is buzzing again thanks to the recent release of ChatGPT, a natural language chatbot that people are using to write emails, poems, so… Read More
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to distribute an open-source command-and-control (C2) framework called Mythic. "Ne… Read More
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports. The Shadow… Read More
Devon Griffith, System Weakness
Depending on how secure a remote server is, some of the simplest attacks could give you access, like a buffer overflow. A buffer overflow is a… Read More
The Cuba ransomware syndicate has emerged as a significant threat vector against critical infrastructure institutions across the United States. Additionally, they have set their sights on IT… Read More
Hackers use multi-stage attacks to inject multiple remote-access trojans (RAT). The scheme involves Freeze.rs – open-source greyware used to circumvent protective mechanisms and execut… Read More
Kaspersky's new report uncovers intricate infection tactics of the DarkGate, Emotet and LokiBot malware strains. Amid DarkGate's unique encryption and the return of… Read More
Cybersecurity experts have recently identified a phishing campaign targeting organizations in Italy. This threat employs a novel strain of malware called WikiLoader, with its primary objecti… Read More
The financially motivated threat actor known as FIN8 has recently caught the attention of cybersecurity experts due to its “revamped” version of the backdoor named Sardonic, whic… Read More
Morphisec Labs has been tracking a GuLoader campaign since April of this year. The campaign has been specifically targeting American law firms, along with healthcare and investment fir… Read More
Lena, System Weakness
This blog post contains my writeup for HackTheBox’s Blue. This box was about EternalBlue, an exploit used for WannaCry and NotPetya. The flag can… Read More
Kaspersky has discovered a new sophisticated multi-stage attack campaign targeting cryptocurrency digital wallets in Europe, the US and Latin America… Read More
Only a secure exchange with a hardware token can implement what is requested. Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. Documentation-related encrypt… Read More
A new malicious campaign has been targeting Middle East countries since at least May 2020. It uses a malicious driver, called WinTapix.sys (or simply WinTapix), which has been attributed to… Read More