You might be interested in …

[ThreatPost] Effective Threat-Hunting Queries in a Redacted World

Chad Anderson, senior security researcher for DomainTools, demonstrates how seemingly disparate pieces of infrastructure information can form perfect fingerprints for tracking cyberattackers’ infrastructure. Source: Threatpost

[HackerNews] Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows

Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of their malware payloads. “Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code — which is used in […]

[SANS ISC] Waiting for the C2 to Show Up, (Fri, Aug 20th)

Keep this in mind: “Patience is key”. Sometimes when you are working on a malware sample, you depend on online resources. I’m working on a classic case: a PowerShell script decodes then injects a shellcode into a process. There are plenty of tools that help you to have a good idea of a shellcode behavior (like scdbg[1]): […]
