Reverse engineering Gootkit reveals tricks for persistence, self-updating and a kill switch. Join us as we continue our deep dive into this banking malware.
macOS Incident Response | Part 2: User Data, Activity and Behavior
What can we learn about user activity and behavior on a compromised Mac? Learn about the hidden and obfuscated data stores Apple use on the macOS platform.
macOS Incident Response | Part 1: Collecting Device, File & System Data
How should you investigate an infected Mac? Has there been lateral movement, data exfiltration, system manipulation? Learn macOS incident response here.
Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features
Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!
Cybercrime: Groups Behind “Banload” Banking Malware Implement New Techniques
Cybercriminals aren’t deterred by legacy AV. Learn how the gang behind “Banload” malware used a new kernel driver to remove popular anti-malware solutions.