Troystealer malware analysis
We are living in an era where malware is part of our daily lives. Emergent campaigns are increasing, each more sophisticated and harder to detect…
How to create a subdomain enumeration toolkit
Introduction A domain name is an important part of the reconnaissance process during a security assessment or even for many bug bounty challenges. In this…
Using Merlin agents to evade detection
Introduction While penetration testing and Red Teaming are crucial to check a system’s security and to validate potential entry-points in the infrastructure, sometimes establishing an…
Fuzzing introduction: Definition, types and tools for cybersecurity pros
Introduction Fuzzing is a black-box software testing technique and consists of finding implementation flaws and bugs by using malformed/semi-malformed payloads via automation. Fuzzing an application…
Malware analysis: Details on LockBit ransomware
Introduction LockBit is a data encryption malware in operation since September 2019 and a recent Ransomware-as-a-Service (RaaS), in which developers are in charge of the payment site…
Ransomware deletion methods and the canary in the coal mine
Introduction Ransomware is an emergent threat. Every week, there is a new and notable outbreak of this class of data encryption malware. From Ragnar Locker to Netwalker, the threats…
The new maxtrilha trojan is being disseminated and targeting several banks
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and…
Bypassing security products via DNS data exfiltration
Criminals are using different strategies to compromise computer networks, infrastructures, and organizations. Cyber incidents have increased in number and complexity since the exploitation of public…
Netwalker ransomware full analysis
Netwalker is a data encryption malware that represents an evolution of the well-known Kokoklock ransomware and has been active since September 2019. This article will detail the specific technical features of the Netwalker ransomware. We will analyze what Netwalker is, how it works, and how you can avoid falling victim to this threat.
Phishing+Telegram: Solicitação de reembolso da Autoridade Tributária?
Phishing+Telegram: Solicitação de reembolso da Autoridade Tributária?
Fraude personificando a marca Continente espalha-se através do WhatsApp: Não se deixe enganar!
Nos últimos dias, uma nova campanha fraudulenta personificando a marca Continente tem atingido os utilizadores portugueses. A campanha tem a capacidade de se auto-propagar via WhatsApp.
NIST ransomware recovery guide: What you need to know
NIST ransomware recovery guide: What you need to know.
How to protect files with canary tokens
This article provides some hints and tricks on keeping data away from hackers. However, we will not describe an approach to stop the exploitation of vulnerabilities and the leak of information. Instead, a method based on canary tokens can be used by developers and IT professionals to receive alerts when something strange happens in their infrastructures and applications.
Ragnar Locker – Malware analysis
Ragnar Locker is ransomware that affects devices running Microsoft Windows operating systems. It was initially observed towards the end of December 2019 as part of a series of attacks against compromised networks.
Secrets behind the Lazarus’s VHD ransomware
Data encryption malware is one of the most popular malware families in recent years and targets mass volumes of users and companies around the world. In this article, we will take a deep dive into a new VHD ransomware distributed in the wild by the Lazarus group — the criminals behind the WannaCry incident in 2017.
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal.