WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.
Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.
The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.
New PolyVice ransomware is likely in use by multiple threat actors building re-branded payloads with the same custom encryption scheme.
ChatGPT has captured the imagination of many across infosec. Here's how it can superpower the efforts of reversers and malware analysts.
Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?
Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.
Discover the anti-analysis techniques of the Mafalda implant, a unique, feature-rich backdoor used by the Metador threat actor.
An elusive APT is attacking telcos, ISPs and Universities with custom backdoors and attack chains designed to bypass native security solutions.
Satellite communications are an integral part of many Industrial Control Systems, but their usage in critical infrastructure continues to be misunderstood.
