Researchers from Cisco Talos recently discovered a new malware loader being used to deliver and infect systems using NodeJS as well as the legitimate open-source utility WinDivert.
During a penetration test, once you get local access to a target, you should start a local assessment of the machine in order to plan a correct tactic for privilege escalation and lateral movement.
During the #malware #analysis process it is useful to know how a #keylogger works, so I want to share a brief #example, written in #Powershell – #DFIR #cybersecurity
How can attackers exploit Group Policy Preferences files in order to discover passwords?
And how can sysadmins mitigate this vulnerability?
During the creation of a long article about lateral movement using WMI, I’ve collected a good number of techniques to remotely manipulate Windows Services using WMI and PowerShell.