New “mexec” module delivers tertiary malware and allows TrickBot to pivot within a network, deploy a variety of payloads and evade common detection methods.
TA505 threat group use a crypter common to Clop/CryptoMix ransomware and others. We tear it down with a new unpacker utilizing SMT.
TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function.
New threat intelligence on the ever-expanding toolset of North Korean APT Hidden Cobra (Lazarus) including IoCs for RATs, beacons, persistence and more.
Read how the Gamaredon group wages a silent cyber war against the Ukraine even when all other domains are denied by the strategic or political framework.
The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest.
SentinelLabs developed mock command-and-control panels to allow the institutions to utilize them for testing detections related to “PowerTrick”
The Wind of Time Shakes the Underground | High-Tech Cybercrime & APT | Most Sophisticated & Resourceful Crimeware Group
Researchers invest huge amounts of effort to uncover privilege escalations and develop exploits. What can we learn about macOS security from their work?
AdLoad adware evades Apple’s built-in protections, installs man-in-the-middle proxy & multiple persistence agents to thwart removal. Here’s how to fight it.
