In-depth analysis of a trojan banker impacting Portugal and Brazil
In-depth analysis of a trojan banker impacting users in Portugal and Brazil at the end of May 2020.
Categoria: reverse engineering
Trojan Lampion is back after 3 months
Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file.
Brazilian trojan banker is targeting Portuguese users using browser overlay
Brazilian trojan banker is targeting Portuguese users using browser overlay.
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax.
SI-LAB: O backstage da campanha de phishing do BPI
Modus operandi da campanha de phishing do BPI – os ficheiros maliciosos que suportam a campanha.
[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services
EMOTET spread in Chile targeted financial and banking services. SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019.
Workshop: Strategies to develop FUD malware
A workshop titled Strategies for Developing FUD Malware was conducted during Infoweb days at UBI on March 21th, 2019.
NSA lança finalmente o GHIDRA 9.0 — Uma poderosa ferramenta para Reverse Engineering
NSA lança finalmente o GHIDRA 9.0 — Uma poderosa ferramenta para Reverse Engineering.
[SI-LAB] The story of the JCry ransomware spread in #OpJerusalem2019 is now infecting Windows users
[SI-LAB] The story of the JCry ransomware spread in #OpJerusalem2019 is now infecting Windows users
[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle
FlawedAmmyy is leveraging undetected XLM macros as an Infection Vehicle to compromise user’s devices.
[SI-LAB] The Muncy malware is on the rise
The recent malware dubbed Muncy has been distributed via DHL phishing campaigns worldwide.
NSA irá apresentar a ferramenta de reverse GHIDRA na RSA Conference
O NSA irá apresentar a sua ferramenta de reverse engineering GHIDRA na RSA Conference.
[SI LAB] Trojan.VB.Crypt – New RAT has been distributed in-the-wild by criminals
SI LAB: Trojan.VB.Crypt – New RAT has been distributed in-the-wild by criminals
Drive-by download campaign targets Chinese websites
According to a research performed by Malwarebytes, sometimes are identified some bizarre findings or patterns we haven’t seen before. This was the case with a particular drive-by download attack planted on Chinese websites.
Vulnerabilidade zero-day no Telegram
Em outubro de 2017 foi descoberta uma vulnerabilidade no cliente Windows do Telegram que estava a ser explorada massivamente pelos hackers. A vulnerabilidade diz respeito a um ataque right-to-left override e que acontece quando um utilizador envia p.ex., um ficheiro.
Sonic apps in the Google Play published by SEGA leak users’ data
Android apps such as Sonic Dash, Sonic the Hedgehog™ Classic, and Sonic Dash 2: Sonic Boom, that have been totally downloaded millions of times are compromising user’s date.