Threat analysis: The emergent URSA trojan impacts many countries using a sophisticated loader
Threat analysis: The emergent URSA trojan impacts many countries using a sophisticated loader.
Categoria: reverse engineering
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader.
TroyStealer – A new info stealer targeting Portuguese Internet users
TroyStealer – A new info stealer targeting Portuguese internet users.
In-depth analysis of a trojan banker impacting Portugal and Brazil
In-depth analysis of a trojan banker impacting users in Portugal and Brazil at the end of May 2020.
Trojan Lampion is back after 3 months
Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file.
Brazilian trojan banker is targeting Portuguese users using browser overlay
Brazilian trojan banker is targeting Portuguese users using browser overlay.
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax.
SI-LAB: O backstage da campanha de phishing do BPI
Modus operandi da campanha de phishing do BPI – os ficheiros maliciosos que suportam a campanha.
[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services
EMOTET spread in Chile targeted financial and banking services. SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019.
Workshop: Strategies to develop FUD malware
A workshop titled Strategies for Developing FUD Malware was conducted during Infoweb days at UBI on March 21th, 2019.
NSA lança finalmente o GHIDRA 9.0 — Uma poderosa ferramenta para Reverse Engineering
NSA lança finalmente o GHIDRA 9.0 — Uma poderosa ferramenta para Reverse Engineering.
[SI-LAB] The story of the JCry ransomware spread in #OpJerusalem2019 is now infecting Windows users
[SI-LAB] The story of the JCry ransomware spread in #OpJerusalem2019 is now infecting Windows users
[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle
FlawedAmmyy is leveraging undetected XLM macros as an Infection Vehicle to compromise user’s devices.
[SI-LAB] The Muncy malware is on the rise
The recent malware dubbed Muncy has been distributed via DHL phishing campaigns worldwide.