cybersecurity

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

News

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Network traffic analysis often reveals hidden artifacts, including images transferred over HTTP. These images can contain valuable...

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

News

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

Security teams at enterprise organizations can leverage Shodan’s command-line interface (CLI) to enhance external threat intelligence gathering....

How to Use CSPLIT for Efficient Log Management in Security Operations

News

How to Use CSPLIT for Efficient Log Management in Security Operations

Security professionals often deal with large log files that can be cumbersome to analyze. The csplit utility...

Autonomous SOC Revolution: How AI is Transforming Cybersecurity Defense

Blue-Team

Autonomous SOC Revolution: How AI is Transforming Cybersecurity Defense

The security operations center (SOC) is undergoing a radical transformation through AI and cloud-native detection technologies. Traditional...

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

Malware Analysis

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

A new variant of the POWLOAD Trojan has emerged, leveraging COVID-19 themes to target Italian users through...

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Malware Analysis

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

A new malware campaign has been identified distributing trojanized versions of Zoom installers bundled with cryptocurrency mining...

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

Malware Analysis

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

A newly identified backdoor malware, Backdoor.Win32.DEVILSHADOW.THEAABO, has been discovered embedded in counterfeit Zoom installer packages. This threat...

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Malware Analysis

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Backdoor.MSIL.BLADABINDI.THA represents a concerning Windows-based backdoor malware that security teams should monitor, particularly due to its recent...

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Malware Analysis

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.MSIL.SUPERNOVA.A represents a significant Windows-based threat with high damage potential despite its currently limited distribution. First identified...

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Malware Analysis

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Trojan.INF.HIDDENTEAR.THAOGBA is a Windows-based Trojan classified as low-risk by Trend Micro. It spreads through malicious downloads or...

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Malware Analysis

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Summary: Ransom.MSIL.COBRALOCKER.AA represents a Windows-targeting ransomware strain first identified in January 2021, demonstrating low distribution but high...

Understanding PUA.Win64.ProcHack.AC: A Low-Risk Windows PUA Security Teams Should Monitor

News

Understanding PUA.Win64.ProcHack.AC: A Low-Risk Windows PUA Security Teams Should Monitor

Security teams should be aware of PUA.Win64.ProcHack.AC, a Potentially Unwanted Application (PUA) targeting Windows systems that represents...

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

News

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Trojan.Win64.COMBACKER.YABA-A represents a persistent though low-risk threat to Windows systems, first identified in January 2021 by Trend...

Ransom.MSIL.THANOS.THABGBA: A Low-Prevalence but High-Impact Ransomware Threat

Malware Analysis

Ransom.MSIL.THANOS.THABGBA: A Low-Prevalence but High-Impact Ransomware Threat

Ransom.MSIL.THANOS.THABGBA is a ransomware strain targeting Windows systems, classified as a low-risk threat due to its limited...

Trojan.MacOS.SLISP.A: Analyzing the Stealthy macOS Threat Targeting Sensitive Data

News

Trojan.MacOS.SLISP.A: Analyzing the Stealthy macOS Threat Targeting Sensitive Data

Trojan.MacOS.SLISP.A (also known as SilverSparrow) represents a sophisticated macOS threat with concerning data exfiltration capabilities. First identified...

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

Threat Intelligence

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

The Trojan.Win64.HAFNIUM.A malware represents a sophisticated threat targeting Microsoft Exchange servers, initially attributed to the Chinese state-sponsored...

ASTROLOCKER Ransomware: Technical Analysis and Defense Strategies

Malware Analysis

ASTROLOCKER Ransomware: Technical Analysis and Defense Strategies

The Ransom.Win64.ASTROLOCKER.THCBDBA ransomware represents a moderate-risk threat with high damage potential, primarily targeting Windows environments. First documented...

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

Malware Analysis

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

TrojanSpy.MSIL.REDLINESTEALER.YXBDM represents a sophisticated information-stealing malware targeting Windows systems, first identified by Trend Micro researchers in April...

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

Malware Analysis

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

TrojanSpy.MSIL.REDLINESTEALER.YXBDN represents a sophisticated Windows-based information stealer with demonstrated capabilities in credential harvesting across multiple applications. First...

Ransom.Win32.SODINOKIBI.YABGC: Technical Analysis of a REvil Ransomware Variant Targeting Windows Systems

Malware Analysis

Ransom.Win32.SODINOKIBI.YABGC: Technical Analysis of a REvil Ransomware Variant Targeting Windows Systems

The ransomware variant Ransom.Win32.SODINOKIBI.YABGC (a member of the REvil/Sodinokibi family) poses a significant threat to Windows environments...

Posts pagination

Previous 1 … 24 25 26 27 28 29 30 … 32 Next

cybersecurity

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

How to Use CSPLIT for Efficient Log Management in Security Operations

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Understanding PUA.Win64.ProcHack.AC: A Low-Risk Windows PUA Security Teams Should Monitor

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Ransom.MSIL.THANOS.THABGBA: A Low-Prevalence but High-Impact Ransomware Threat

Trojan.MacOS.SLISP.A: Analyzing the Stealthy macOS Threat Targeting Sensitive Data

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

ASTROLOCKER Ransomware: Technical Analysis and Defense Strategies

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

Ransom.Win32.SODINOKIBI.YABGC: Technical Analysis of a REvil Ransomware Variant Targeting Windows Systems

You may have missed

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact