Greg Lesnewich explores how to to pursue an apex predator using little more than a local instance of YARA and some publicly available open-source tooling.
Threat actor targets experts in North Korean affairs with spoofed URLs and weaponized Office documents to steal Google and other credentials.
Learn how to customize radare2 with user-defined aliases, macros and functions for faster and easier binary diffing and analysis.
A Brazilian threat actor is targeting users of over 30 Portuguese financial institutions with custom backdoors.
North Korean APT group focuses on file reconnaissance and information exfiltration with latest variant of RandomQuery malware.
Mandiant researchers Van Ta and Rufus Brown take us on a journey of discovery into the compromise of multiple U.S. Government networks by APT41.
Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.
Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.
DPRK-linked threat actor deploys previously unseen reconnaissance tool 'ReconShark' in wave of ongoing attacks.
SentinelLabs has been tracking a cluster of malicious documents that stage the Crimson RAT malware distributed by APT36 (Transparent Tribe).
