Collaborate Disseminate
We are seeing massive changes with the Trickbot delivery campaign overnight. I have only seen 1 mention onĀ Twitter about this campaign and 1 on a private malware research mailing list, so it can’t be affecting too many recipients. This example i… Continue reading Trickbot via fake Efax message using Squiblydoo, Active X, macro and abusing pastebin
Researchers create PoC of a post-exploitation kernel-mode fileless attack technique. Continue reading Black Hat 2018: Stealthy Kernel Attack Flies Under Windows Mitigation Radar
Hello again readers, it has been busy over here for the past few months, but over the past few days there has been some really interesting research done by Casey Smith (@subTee) regarding COM+ objects, specifically using regsvr to access external … Continue reading Very quick blog post on "squiblydoo"
Hello again readers, it has been busy over here for the past few months, but over the past few days there has been some really interesting research done by Casey Smith (@subTee) regarding COM+ objects, specifically using regsvr to access external … Continue reading Very quick blog post on "squiblydoo"