Andrea Fortuna
Just some random thoughts about the Meaning of Life, The Universe, and Everything


Wietze Beukema: almost 300 Windows 10 executables are vulnerable to DLL hijacking

I’ve already written about DLL Hijacking, but today I’d like to share some really interesting research by Wietze Beukema.

Continue…
  • Malware Analysis

RIPlace: a new evasion technique that allows ransomware to bypass most antivirus

Researchers at cybersecurity firm Nyotron have discovered a new way for Windows malware to modify files in a manner that current anti-ransomware solutions are unable to identify.

Continue…
  • Malware Analysis

Node.js has also been used to perform a Living off the Land (LotL) attack

Researchers from Cisco Talos recently discovered a new malware loader being used to deliver and infect systems using NodeJS as well as the legitimate open-source utility WinDivert.

Continue…
  • Malware Analysis

PEpper: a Python script to perform static malware analysis on the Portable Executable format

A useful tool: fast and easy to use.

Continue…
  • Cybersecurity
  • Malware Analysis

CVE-2019-1132: a Windows Zero-Day exploited by Buhtrap Group in espionage campaigns

According to experts at ESET, the Windows zero-day vulnerability CVE-2019-1132 was exploited by the Buhtrap threat group in a targeted attack aimed at a government organization in Eastern Europe.

Continue…
  • Cybersecurity
  • Malware Analysis

New version of FinFisher spyware used to spy on iOS and Android users in 20 countries

Malware researchers from Kaspersky have discovered new and improved versions of the FinFisher spyware, able to infect both Android and iOS devices.

According to the experts, the new versions have been active since at least 2018; one of the samples analyzed was used last month in Myanmar, where the local government is accused of violating human rights.

Continue…
  • Cybersecurity
  • Malware Analysis

‘Agent Smith’ malware has infected Android apps on 25 million devices

According to security firm Check Point, a newly discovered Android malware that replaces portions of apps with its own code has infected more than 25 million devices.

Continue…
  • Cybersecurity
  • Malware Analysis

SNDBOX: using Artificial Intelligence for malware analysis

Cybersecurity researchers Ran Dubin and Ariel Koren have developed a new platform for malware analysis, based on an AI engine.

Continue…
  • Malware Analysis

Process Injection and Persistence using Application Shimming

Microsoft provides Shims to developers mainly for backward compatibility, but malware can take advantage of shims to target an executable for both persistence and injection.

Continue…
  • Malware Analysis

Some thoughts about Windows Userland Rootkits

Rootkits are tools and techniques used to hide malicious modules from being noticed by system monitoring.

Continue…
  • Malware Analysis