Chinese state hackers are infiltrating operating systems to bypass antivirus detection. The Chinese state-backed hacking group known as Mustang Panda has been actively targeting Southeast Asian ...
The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor. The Chinese espionage-focused APT Mustang Panda has been using a kernel-mode rootkit ...
A state-sponsored threat actor has launched a sophisticated cyber espionage campaign that exploits two vulnerabilities in Cisco firewall platforms, according to an advisory from Cisco Talos. The ...
A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners. A threat actor linked to North Korean advanced persistent threat (APT) ...
StopCrypt ransomware is one of the most prolific yet underreported ransomware families because it usually targets individuals rather than high-profile businesses or larger entities. We may not see ...
Update 3/15/24: Update added below where other researchers express concern the analyzed sample is old. Update 3/18/24: SonicWall explained to BleepingComputer that their original report incorrectly ...
Since version 0.3.9, PE-sieve also offers detection by a custom set of patterns that can be defined by the user. The file with the patterns needs to be supplied after the parameter /pattern. Format: ...
Abstract: Code caves are used in cybersecurity and reverse engineering and describe the space in a PE file that consists of sequential and random unused or empty bytes. Malware writers and hackers ...
Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. "While GuLoader's core functionality hasn't changed ...