This blog post was authored by Malwarebytes’ Roberto Santos and Fortinet’s Hossein Jazi While the official conflict between Russia and Ukraine…

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs. - GitHub - iknowjason/Awesome-CloudSec-Labs: Awesome free clou...

Analysis of a Multi-Stage Loader for AgentTesla. Covering Ghidra, Dnspy, X32dbg, API Hashing and more!

Introduction In this blog series, we will cover the topic of rootkits — how they are built and the basics of kernel driver analysis — specifically on the Windows platform. In this first part, we...

Hello cybermen, I’m about to present a repo about the Medusa locker

Dive deeper into the technical details gathered during eSentire’s Threat Response Unit (TRU) team’s research and threat analysis of the Vidar Stealer…

Presentation given at Carneige Mellon SEI DevSecOps Days 2023 - ghidragolf/DevSecOpsDays_GolfingWithDragons

360高级威胁研究院监测到了SideCopy在早期伪装注册邀请表格的攻击活动样本，我们推测是之前行动未被发现的样本，样本利用诱饵文档最终释放木马

Lightweight fuzzing of a memory snapshot using KVM - awslabs/snapchange

Author: HOTSAUCE (위협탐지팀) | S2W TALON

Malvertising seems to be enjoying a renaissance as of late, whether it is from ads on search engine results pages or…

This blog post breaks down a taxonomy for endpoint security products. It suggests using complementary feature set descriptions, each with strengths and weaknesses, rather than a generational definition with concentric features.