The Threat in the Cloud: Phishing Abuses Amazon AWS S3 Buckets

An ongoing campaign is hosting its phishing landing pages on enterprise-class public cloud storage services — a nascent trend meant to throw defenders off. Continue reading The Threat in the Cloud: Phishing Abuses Amazon AWS S3 Buckets

Evading Network-Based Detection Mechanisms – Tradecraft Security Weekly #24

In this episode of Tradecraft Security Weekly hosts Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss methods for evading network-based detection mechanisms. Many commercial IDS/IPS devices do a pretty decent job of detecting standard pente… Continue reading Evading Network-Based Detection Mechanisms – Tradecraft Security Weekly #24

[SANS ISC Diary] Example of Getting Analysts & Researchers Away

I published the following diary on isc.sans.org: “Example of Getting Analysts & Researchers Away“. It is well-known that bad guys implement pieces of code to defeat security analysts and researchers. Modern malware’s have VM evasion techniques to detect as soon as possible if they are executed in a sandbox environment. The same applies

[The post [SANS ISC Diary] Example of Getting Analysts & Researchers Away has been first published on /dev/random]

Continue reading [SANS ISC Diary] Example of Getting Analysts & Researchers Away

Zepto Evasion Techniques

We’ve been tracking some more spam dropping Zepto ransomware variants. Like earlier posts, we’re seeing infected attachments with malicious macro scripts used as the entry point for the threat actor. (See images below of some recent spam samples.) As we dig deeper into our analysis, we found out that these macro scripts are not crafted […]

The post Zepto Evasion Techniques appeared first on ThreatTrack Security Labs Blog.

Continue reading Zepto Evasion Techniques