Evading Network-Based Detection Mechanisms – Tradecraft Security Weekly #24

In this episode of Tradecraft Security Weekly, hosts Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss methods for evading network-based detection mechanisms. Many commercial IDS/IPS devices do a pretty decent job of detecting standard pente…

[SANS ISC Diary] Example of Getting Analysts & Researchers Away

I published the following diary on isc.sans.org: “Example of Getting Analysts & Researchers Away”. It is well-known that bad guys implement pieces of code to defeat security analysts and researchers. Modern malware has VM evasion techniques to detect as soon as possible if it is executed in a sandbox environment. The same applies

[The post [SANS ISC Diary] Example of Getting Analysts & Researchers Away was first published on /dev/random]


Zepto Evasion Techniques

We’ve been tracking some more spam dropping Zepto ransomware variants. Like earlier posts, we’re seeing infected attachments with malicious macro scripts used as the entry point for the threat actor. (See images below of some recent spam samples.) As we dug deeper into our analysis, we found that these macro scripts are not crafted […]

The post Zepto Evasion Techniques appeared first on ThreatTrack Security Labs Blog.
