A very convincing Amazon Prime scam landed in our mail server today and...went straight to spam. Here's why.

In 2013, over 40 million credit card numbers were exfiltrated directly from the point-of-sale systems in more than 1800 Target stores. The attackers achieved this by deploying malware across multiple systems inside Target infrastructure. This is how they…

The main() method in .NET applications is considered as the entry point. But it is not the first thing being executed, which is purposefully used to deter reverse engineers. We write Intermediate Language assembly code to find out what is actually executed…

Dive into how X-Force Red experts created hypothetical detections that could be implemented to detect publicly disclosed active call stack evasion techniques.

Introduction to dotnet configuration extraction. Leveraging RevengeRat and Python.

Delve into the tactics of the GoldDigger Trojan and discover ways to safeguard your customers.

In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.

Major Cyber Incident: KA-SAT 9A Other incident names: Viasat, AcidRain 4 October 2023 Kerttunen, Mika; Schuck, Kim; Hemmelskamp, Jonas EN About KA-SAT 9A The GEO satellite broadband services of the US communications company Viasat (KA-SAT 9A network) were…

Bitsight has identified nearly 100,000 exposed industrial control systems (ICS) potentially allowing an attacker to access and control physical infrastructure.

SOCRadar is an Extended Threat Intelligence (XTI) tool that is enriched with External Attack Surface Management and Digital Risk Protection.

Dell SmartFabric Storage Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

IBM X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials.

In early July 2023, the threat actor "Storm-0324" was observed sending a phishing message through Microsoft Teams IM. Storm-0324 is a financially motivated threat actor group known for distributing phishing emails to gain initial access to compromised systems.…

Discover the technical overlaps between LostTrust Ransomware, SFile and Mindware in this in-depth analysis of the latest multi-extortion cyber threats.

We employ static and dynamic analysis to dissect two case studies using obfuscation in Android malware: a Cerberus banking trojan and HiddenAd adware.

Practical examples and breakdowns of indicators that can be used to produce effective yara rules.

PoC module to demonstrate automated lateral movement with the Havoc C2 framework. - icyguider/LatLoader

Cross-Architecture Function Similarity Search Model - https://arxiv.org/abs/2310.03605 - br0kej/FASER