Research by: Jiri Vinopal Key Points Introduction For a malware researcher, analyst, or reverse engineer, the ability to alter the functionality of certain parts of code is a crucial step, often necessary to reach a meaningful result during the analysis process.…

In October 2023, was in Flipper Zero’s unofficial Xtreme firmware implemented functionality that would perform Denial of Service attack (DoS) that resulted in freezing and crashing any iPhones running the latest iOS 17. This bug was fixed in December 2023…

Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor.

Increasingly large companies are utilising Rust in their systems, either existing or new. Most uses focus on how it can help in managed environments, such as within a system with a r…

Welcome to the first patch Tuesday of 2024. As expected, Microsoft and Adobe have released their latest security patches. Take a break from your other activities and join us as we review the details of their latest advisories. If you’d rather watch the video…

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.

Mac users should be aware of an active distribution campaign via malicious ads delivering Atomic Stealer. The latest iteration of the malware is stealthy thanks to added encryption and obfuscation of its code.

Volexity has uncovered active in-the-wild exploitation of two vulnerabilities allowing unauthenticated remote code execution in Ivanti Connect Secure VPN appliances. An official security advisory and knowledge base article have been released by Ivanti that…

WhatsApp, Telegram and Signal clones and mods remain a popular vehicle for malware distribution.Here's how to avoid getting taken for a ride.

Discover how GitHub is increasingly exploited for cyberattacks in our latest report.

A threat actor we track under the Intrusion set Water Curupira (known to employ the Black Basta ransomware) has been actively using Pikabot. a loader malware with similarities to Qakbot, in spam campaigns throughout 2023.

Trend Micro collaborates with INTERPOL to defend FIFA World Cup by preventing attacks & mitigating risks to fight against the rising threat of cybercrime.

This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload.

Learn advanced root detection techniques on Android and practical methods to bypass them using Frida. Covers common detection libraries and evasion strategies.

Learn ARM64 Binary Exploitation and get around ASLR and NX constraints in our Part 7 of the ARM64 Reversing and Exploitation Series. Read more !

Doctor Web is reporting on an increase in cases of cryptocurrency-mining trojans being found hidden in pirated software that is available in Telegram and on some Internet sites.

GitLab has warned about a critical vulnerability that allows an attacker to change passwords without user interaction.