You might be interested in …

Daily NCSC-FI news followup 2020-12-11

AIVD exposes espionage network in the Netherlands; two Russian intelligence officers forced to leave the country

Recently the General Intelligence and Security Service (“Algemene Inlichtingen- en Veiligheidsdienst” AIVD) disrupted the covert activities of an intelligence officer of the Russian civil intelligence agency SVR. The intelligence officer – who worked at the Russian Embassy in […]


[SANS ISC] Obfuscated Maldoc: Reversed BASE64, (Sat, Nov 13th)


Reader Colin submitted a malicious document. It’s a Word document with VBA code, as we can see in oledump’s report: As streams A3 and A10 with VBA code don’t look that large, I use options -s a -v to extract all VBA code with one command: The VBA code is accessing keywords and the content […]


[TheRecord] Microsoft finds Shrootless, a macOS bug that lets malware install rootkits

On Monday, Apple patched a vulnerability in the macOS Big Sur and Monterey operating systems that can be abused to bypass the SIP security feature and install kernel rootkits. Described for the first time in a blog post published today by Jonathan Bar Or, a security researcher at Microsoft, the vulnerability is tracked under the CVE-2021-30892 identifier, but […]

