Date Author Title
2023-12-15Xavier MertensCSharp Payload Phoning to a CobaltStrike Server
2023-07-12Brad DuncanLoader activity for Formbook "QM18"
2023-06-24Guy BruneauEmail Spam with Attachment Modiloader
2023-06-19Xavier MertensMalware Delivered Through .inf File
2023-05-30Brad DuncanMalspam pushes ModiLoader (DBatLoader) infection for Remcos RAT
2022-07-07Brad DuncanEmotet infection with Cobalt Strike
2022-05-30Xavier MertensNew Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190)
2022-04-06Brad DuncanWindows MetaStealer Malware
2022-01-25Bojan ZdrnjaLocal privilege escalation vulnerability in polkit's pkexec (CVE-2021-4034)
2021-10-01Xavier MertensNew Tool to Add to Your LOLBAS List: cvtres.exe
2021-02-13Guy BruneauvSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html
2020-09-15Brad DuncanTraffic Analysis Quiz: Oh No... Another Infection!
2020-08-05Brad DuncanTraffic Analysis Quiz: What's the Malware From This Infection?
2020-03-26Xavier MertensVery Large Sample as Evasion Technique?
2020-02-14Xavier MertensKeep an Eye on Command-Line Browsers
2019-11-13Brad DuncanAn example of malspam pushing Lokibot malware, November 2019
2019-08-28Xavier MertensMalware Samples Compiling Their Next Stage on Premise
2018-10-10Xavier MertensNew Campaign Using Old Equation Editor Vulnerability
2018-05-25Xavier MertensAntivirus Evasion? Easy as 1,2,3
2018-05-07Xavier MertensAdding Persistence Via Scheduled Tasks
2017-11-25Guy BruneauExim Remote Code Exploit
2017-03-19Xavier MertensSearching for Base64-encoded PE Files
2017-01-30Didier Stevenspy2exe Decompiling - Part 2
2016-04-15Xavier MertensWindows Command Line Persistence?
2016-02-18Xavier MertensHunting for Executable Code in Windows Environments
2015-10-12Guy BruneauCritical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2
2015-04-08Tom WebbIs it a breach or not?
2013-09-18Rob VandenBrinkCisco DCNM Update Released
2013-05-20Guy BruneauSafe - Tools, Tactics and Techniques
2013-04-15Rob VandenBrinkOops - You Mean That Deleted Server was a Certificate Authority?
2013-02-16Lorna HutchesonFedora RedHat Vulnerabilty Released
2012-03-16Russ McReeMS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2011-08-11Guy BruneauBlackBerry Enterprise Server Critical Update
2010-05-12Rob VandenBrinkAdobe Shockwave Update
2010-03-10Rob VandenBrinkMicrosoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
2010-02-28Mari NicholsDisasters take practice
2009-08-08Guy BruneauXML Libraries Data Parsing Vulnerabilities
2009-05-29Lorna HutchesonVMWare Patches Released
2009-05-11Mari NicholsSysinternals Updates 3 Applications
2009-03-10Swa Frantzenconspiracy fodder: pifts.exe