SentinelLabs - Page 2 of 9 - Intelligence Redefined

New macOS Malware XcodeSpy Targets Xcode Developers with EggShell Backdoor

Targeting software developers is one route to a successful supply chain attack. Now threat actors are going after Apple developers through the Xcode IDE.

Security Research

Top 15 Essential Malware Analysis Tools

Get your malware analysis toolkit up-to-speed! From disassemblers and debuggers to hex editors and SSL interception tools, you’ll find them all here.

Crimeware

HelloKitty Ransomware Lacks Stealth, But Still Strikes Home

HelloKitty lacks the stealth of Ryuk, REvil and Conti, but has still struck some notable targets, including CEMIGO. Ransomware overview and IoCs here.

Security Research

A Guide to Ghidra Scripting Development for Malware Researchers

Automation is the key to becoming a more effective malware analyst, and Ghidra scripting is an essential tool in your arsenal. Get started here!

Security Research

20 Common Tools & Techniques Used by macOS Threat Actors & Malware

Threat hunting on macOS? These are the tools malware most often leverages, with ITW examples, MITRE behavioral indicators and links to further research.

Security Research

CVE-2021-24092: 12 Years in Hiding – A Privilege Escalation Vulnerability in Windows Defender

Windows Defender has contained an elevation of privilege vulnerability since at least 2009. Learn more about SentinelOne’s discovery, CVE-2021-24092, here.

Crimeware

Zeoticus 2.0 | Ransomware With No C2 Required

Zeoticus is a Windows-specific ransomware that can execute fully offline with no callback to a C2, making network activity detection rules redundant.

Security Research

FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts

We show how to statically reverse run-only AppleScripts for the first time, and in the process reveal new IoCs of a long-running macOS Cryptominer campaign.

Crimeware

Greyware’s Anatomy: The “Potentially Unwanted” are Upping Their Game

Adware infections may appear unremarkable at first, but in this example incident analysis we demonstrate their growing sophistication and risk.

Security Research

Building a Custom Malware Analysis Lab Environment

Building the right malware analysis environment is the first step for every researcher. We show how it’s done and offer some free custom tools for your use.

Unbreakable encryption, a data leak site and threats of DDoS attacks, #Avaddon has all the tricks of a modern… https://t.co/CMm401Vm3s20 hours ago
Switching to Kubernetes? In this post, we cover a number of different Kubernetes attack vectors along with best… https://t.co/Gl4ou4wOve22 hours ago
7 ways hackers can steal your passwords and what you can do to protect yourself. https://t.co/n3BMj9Ma7c #passwords #cybersecurity23 hours ago
️ The public sector is a growing target for threat actors - both state and local government are seeing #ransomware… https://t.co/dQsLnwlaUlyesterday

0 / 142

New macOS Malware XcodeSpy Targets Xcode Developers with EggShell Backdoor

Top 15 Essential Malware Analysis Tools

HelloKitty Ransomware Lacks Stealth, But Still Strikes Home

A Guide to Ghidra Scripting Development for Malware Researchers

20 Common Tools & Techniques Used by macOS Threat Actors & Malware

CVE-2021-24092: 12 Years in Hiding – A Privilege Escalation Vulnerability in Windows Defender

Zeoticus 2.0 | Ransomware With No C2 Required

FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts

Greyware’s Anatomy: The “Potentially Unwanted” are Upping Their Game

Building a Custom Malware Analysis Lab Environment

Gootloader: ‘Initial Access as a Service’ Platform Expands Its Search for High Value Targets

ThunderCats Hack the FSB | Your Taxes Didn’t Pay For This Op

NobleBaron | New Poisoned Installers Could Be Used In Supply Chain Attacks

From Wiper to Ransomware | The Evolution of Agrius