AlphaGolang | A Step-by-Step Go Malware Reversing Methodology for IDA Pro
SentinelLabs sets off to dispel the myth that Go malware is hard to reverse engineer. This suite of IDApython scripts will set you well on your way
Read More
Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree
Exploring the links between Karma and other well-known malware families such as NEMTY and JSWorm, we find further IoCs and an evolving threat.
Read More
Techniques for String Decryption in macOS Malware with Radare2
In Part 3 of our macOS reversing series, we look at three different macOS malware samples and walk you through how to decipher encrypted strings.
Read More
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Agrius has continued to evolve its toolkit from wiper to ransomware operations, including a recent attack on a higher education facility.
Read More
Defeating macOS Malware Anti-Analysis Tricks with Radare2
Learn how to beat malware authors' control flow and avoid executing unwanted parts of their code to analyze macOS malware in radare2.
Read More
CVE-2021-3437 | HP OMEN Gaming Hub Privilege Escalation Bug Hits Millions of Gaming Devices
A high severity flaw in HP's OMEN Gaming Hub software allows any user to escalate privileges to kernel-level mode.
Read More
Hide and Seek | New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms
A new ZLoader campaign abuses Google Ads to target European banking institutions with signed MSI payloads and more than 300 domains.
Read More
EGoManiac | An Unscrupulous Turkish-Nexus Threat Actor
EGoManiac is a threat actor willing to spy on friend and foe and entrap journalists without compunction. Read our groundbreaking research.
Read More
6 Pro Tricks for Rapid macOS Malware Triage with Radare2
Learn more about reversing real-world macOS malware in this new series for intermediate to advanced analysts, starting with these r2 tips!
Read More
Hive Attacks | Analysis of the Human-Operated Ransomware Targeting Healthcare
Hive is a double-extortion ransomware group that’s hit over 30 organizations. Read our deep-dive into the ransomware toolkit.
Read More