Incident Response Analyst Report 2019
Download full report (PDF) As an incident response service provider, Kaspersky delivers a global service that results in global visibility...
TA551 (Shathak) Word docs push IcedID (Bokbot)
Introduction I've been tracking malicious Word documents from the TA551 (Shathak) campaign This year, we've seen a lot of Valak...
A Fork of the FTCode Powershell Ransomware, (Thu, Aug 6th)
Yesterday, I found a new malicious Powershell script that deserved to be analyzed due to the way it was dropped...
Gtunnel – A Robust Tunelling Solution Written In Golang
A TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all...
Taowu – A CobaltStrike Toolkit
TaoWu(檮杌) is a CobaltStrike toolkit. All the scripts are gathered on the Internet and slightly modified by myself. You can...
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions
Boy, oh boy, has Black Hat changed. Where we once looked up at the neon lights of Las Vegas, we...
Metasploit 6 Now Under Active Development
Today the Metasploit team is pleased to announce active development of Metasploit Framework 6.0, available now for testing and community...
Data Accountability and Transparency Act of 2020 looks beyond consent
In the United States, data privacy is hard work—particularly for the American people. But one US Senator believes it shouldn’t...
Business email compromise: gunning for goal
The evergreen peril of business email compromise (BEC) finds itself in the news once more. This time, major English Premier...
Lock and Code S1Ep12: Pinpointing identity and access management’s future with Chuck Brooks
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Here’s All you Need to Know About Instagram Reels; Launched Globally in Over 50 Countries
As TikTok fell prey to extensive criticism and was labeled as a 'threat to security' by governments, resulting in the...
The scale of data leaks of patients with coronavirus in Russia has become known
More than a third of all cases of leaks of personal data of patients with coronavirus, as well as suspected...
WastedLocker ransomware uses a sophisticated trick by abusing Windows features to avoid detection
WastedLocker has been in the highlights for a successful attack on wearable tech and smartwatch manufacturer Garmin and was paid...
UEFI_RETool – A Tool For UEFI Firmware Reverse Engineering
A tool for UEFI firmware reverse engineering.UEFI firmware analysis with uefi_retool.py scriptUsage:Copy ida_plugin/uefi_analyser.py script and ida_plugin/uefi_analyser directory to IDA plugins...
Netenum – A Tool To Passively Discover Active Hosts On A Network
Network reconnaisance tool that sniffs for active hostsIntroductionNetenum passively monitors the ARP traffic on the network. It extracts basic data...
Google Bans Hacked Political Content Ahead of the US Elections, Implements New Google Ads Policy
The presidential elections in the US are near. Keeping this in mind, Google has announced a new policy that will...
Personal data of one million Moscow car owners were put up for sale on the Internet
On July 24, an archive with a database of motorists was put up for sale on one of the forums...
DLInjector-GUI – DLL Injector Graphical User Interface
DLInjector for Graphical User Interface.Faster DLL Injector for processes. It targets the process name to identify the target. The process...
Xeca – PowerShell Payload Generator
xeca is a project that creates encrypted PowerShell payloads for offensive purposes.Creating position independent shellcode from DLL files is also...
InsightIDR Now Connects to Zoom for Easy Monitoring
Zoom adoption has skyrocketed with spikes in remote working, but web application security needs to be a top priority to...
Why are Frida and QBDI a Great Blend on Android?
Introduction Reverse engineering of Android applications is usually considered as somewhat effortless because of the possibility of retrieving the Java...
The Council of the EU and Its First-Ever Sanctions against Persons or Entities Involved in Various Cyber-Attacks
The Council of the European Union imposed its first-ever sanction against persons or entities engaged with different cyber-attacks focusing on...
Cnitch – Container Snitch Checks Running Processes Under The Docker Engine And Alerts If Any Are Found To Be Running As Root
cnitch (snitch or container snitch) is a simple framework and command line tool for monitoring Docker containers to identify any...
Mistica – An Open Source Swiss Army Knife For Arbitrary Communication Over Application Protocols
Mística is a tool that allows to embed data into application layer protocol fields, with the goal of establishing a...
