APT ANALYSIS
1.73K subscribers
171 photos
2 videos
6 files
176 links
APT analysis focused on modeling, detecting and managing sophisticated attacks. Providing accurate data and solutions for threat forecasting, backed by real-world security experience.
♣️Analyzing a Fully Undetectable (FUD) macOS Backdoor
🔴Blog : https://denwp.com/fully-undetectable-fud-macos-backdoor
⭐️@APTANALYSIS
♣️From Credit Card Skimming to Exploiting Zero-Days
📺Blog : https://intezer.com/blog/research/xe-group-exploiting-zero-days/
⭐️@APTANALYSIS
♣️The Anatomy of Abyss Locker Ransomware Attack
😈Blog : https://www.sygnia.co/blog/abyss-locker-ransomware-attack-analysis
⭐️@APTANALYSIS
♣️LegionLoader exposed ...
💀Blog : https://tehtris.com/en/blog/legionloader-exposed
⭐️@APTANALYSIS
♣️Unmasking: Technological Advancement and Evolution of MuddyWater in 2024
🖐Blog : https://www.gov.il/BlobFolder/reports/maddy_water_2024/en/ALERT_CERT_IL_W_1858.pdf
⭐️@APTANALYSIS
♣️ASyncRAT [IR/Malware Analysis]
🧪Blog : https://ventdrop.github.io/posts/asyncrat
⭐️@APTANALYSIS
♣️AiTM/ MFA phishing attacks in combination with “new” Microsoft protections (2025 edition)
🎣Blog : https://jeffreyappel.nl/aitm-mfa-phishing-attacks-in-combination-with-new-microsoft-protections-2023-edt
⭐️@APTANALYSIS
Forwarded from Ripp3r VIP♠️
fixed-CVE-2019-18935-master.zip
4.7 MB
Fixed Telerik exploit with sleep DLLs (compiled)
+ This exploit is old, but you might want to test it (in a lab environment, cve2.py)
How to use: https://github.com/noperator/CVE-2019-18935
♣️Bitcoin to the moon: Trump endorsing, scammers exploiting
👁Blog : https://www.cloudflare.com/en-au/threat-intelligence/research/report/bitcoin-to-the-moon-trump-endorsing-scammers-exploiting/
♣️Analyzing ELF/Sshdinjector.A!tr with a Human and Artificial Analyst
📺Blog : https://www.fortinet.com/blog/threat-research/analyzing-elf-sshdinjector-with-a-human-and-artificial-analyst
♣️GetSmoked: UAC-0006 Returns With SmokeLoader Targeting Ukraine's Largest State-Owned Bank
👁 Blog : https://www.cloudsek.com/blog/getsmoked-uac-0006-returns-with-smokeloader-targeting-ukraines-largest-state-owned-bank
♣️Dual Injection Undermines Chromes App-Bound Encryption
📺Blog : https://cyble.com/blog/dual-injection-undermines-chromes-encryption/
⭐️@APTANALYSIS
♣️ALPHV Ransomware : Analyzing the BlackCat After Change Healthcare Attack
🐈‍⬛Blog : https://www.picussecurity.com/resource/blog/alphv-ransomware
⭐️@APTANALYSIS
♣️Funksec Ransomware Teams Up with Another Ransomware Group to Double Down on Targets
🐦Blog : https://www.sonicwall.com/blog/funksec-ransomware-teams-up-with-another-ransomware-group-to-double-down-on-targets
⭐️@APTANALYSIS
♣️CVE-2023-6080: A Case Study on Third-Party Installer Abuse
👁Blog : https://cloud.google.com/blog/topics/threat-intelligence/cve-2023-6080-third-party-installer-abuse
♣️Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations
👁Blog : https://www.seqrite.com/blog/silent-lynx-apt-targeting-central-asian-entities/
♣️Scalable Vector Graphics files pose a novel phishing threat
👁‍🗨Blog : https://news.sophos.com/en-us/2025/02/05/svg-phishing/
⭐️@APTANALYSIS
♣️NowSecure Uncovers Multiple Security and Privacy Flaws in DeepSeek iOS Mobile App
🐦Blog : https://www.nowsecure.com/blog/2025/02/06/nowsecure-uncovers-multiple-security-and-privacy-flaws-in-deepseek-ios-mobile-app/
♣️Malicious NPM packages target marked-js library
😶Blog : https://sourcecodered.com/npm-packages-target-marked-js
⭐️@APTANALYSIS
♣️Hidden in Plain Sight: PDF Mishing Attack
😈Blog : https://zimpstage.wpengine.com/blog/hidden-in-plain-sight-pdf-mishing-attack/
♣️ROPing our way to RCE
😈Blog : https://modzero.com/en/blog/roping-our-way-to-rce/
♣️Beyond the Chatbot: Meta Phishing with Fake Live Support
😈Blog : https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/beyond-the-chatbot-meta-phishing-with-fake-live-support/
♣️Lynx Ransomware: Exposing How INC Ransomware Rebrands Itself
😈Blog : https://www.picussecurity.com/resource/blog/lynx-ransomware
♣️Premium Panel : phishing tool used in longstanding campaigns worldwide
😈Blog : https://www.intrinsec.com/wp-content/uploads/2025/01/TLP-CLEAR-Live-Control-Panel-Premium-EN.pdf
♣️FinStealer
😈Blog : https://www.cyfirma.com/research/finstealer/
♣️SiphonDNS: covert data exfiltration via DNS
😈Blog : https://ttp.report/evasion/2025/02/03/siphondns-covert-dns-exfiltration.html
⭐️@APTANALYSIS
♣️Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…(claroty-t82)
👁Blog : https://claroty.com/team82/research/are-contec-cms8000-patient-monitors-infected-with-a-chinese-backdoor-the-reality-is-more-complicated
⭐️@APTANALYSIS
♣️Exploitable Episode One - Breaking IoT
🦖Blog : https://blog.doyensec.com/2025/02/11/exploitable-iot.html
⭐️@APTANALYSIS
♣️Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus
✝️Blog : https://xphantom.nl/posts/Offensive-Security-Lab
⭐️@APTANALYSIS
♣️Fault Injection – Looking for a Unicorn
🔮Blog : https://security.humanativaspa.it/fault-injection-looking-for-a-unicorn
♣️Exploring a VPN Appliance: A Researcher’s Journey
🔴Blog : https://www.akamai.com/blog/security-research/2025-february-fortinet-critical-vulnerabilities#vulnerabilities
♣️CVE-2025-0693: AWS IAM User Enumeration
🔴Blog : https://rhinosecuritylabs.com/research/unauthenticated-username-enumeration-in-aws
♣️How auto-generated passwords in Sitevision leads to signing key leakage - CVE-2022-35202
🔴Blog : https://www.shelltrail.com/research/how-auto-generated-passwords-in-sitevision-leads-to-signing-key-leakage-cve-2022-35202
⭐️@APTANALYSIS