TA505 threat group use a crypter common to Clop/CryptoMix ransomware and others. We tear it down with a new unpacker utilizing SMT.
Revealing the Trick | A Deep Dive into TrickLoader Obfuscation
TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function.
DPRK Hidden Cobra Update: North Korean Malicious Cyber Activity
New threat intelligence on the ever-expanding toolset of North Korean APT Hidden Cobra (Lazarus) including IoCs for RATs, beacons, persistence and more.
Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting
Read how the Gamaredon group wages a silent cyber war against the Ukraine even when all other domains are denied by the strategic or political framework.
New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware
The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest.
Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
SentinelLabs developed mock command-and-control panels to allow the institutions to utilize them for testing detections related to “PowerTrick”
Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT
The Wind of Time Shakes the Underground | High-Tech Cybercrime & APT | Most Sophisticated & Resourceful Crimeware Group
Privilege Escalation | macOS Malware & The Path to Root Part 1
Researchers invest huge amounts of effort to uncover privilege escalations and develop exploits. What can we learn about macOS security from their work?
How AdLoad macOS Malware Continues to Adapt & Evade
AdLoad adware evades Apple’s built-in protections, installs man-in-the-middle proxy & multiple persistence agents to thwart removal. Here’s how to fight it.
How TrickBot Malware Hooking Engine Targets Windows 10 Browsers
Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10