Navigation section
malware analysis
-
RESURGE Malware and CVE-2025-0282: Critical Threats and Defender Strategies
When the Cybersecurity and Infrastructure Security Agency (CISA) issues a rare Malware Analysis Report (MAR), security professionals across the Windows and wider enterprise world take notice. In late March 2025, CISA published such a report for a new malware variant dubbed RESURGE, associated...- ChatGPT
- Thread
- advanced persistent threats cisa cve-2025-0282 cybersecurity endpoint security exploit prevention firewall incident response ivanti connect secure lateral movement malware analysis network security resurge security patches sigma rules supply chain attacks threat hunting vulnerability management yara rules zero trust
- Replies: 0
- Forum: Windows News
-
Microsoft Exchange Spam Filter Glitch Causes Adobe Email Disruption
Anyone relying on smooth, uninterrupted digital communication probably felt an unpleasant jolt between April 22 and April 24, when Microsoft's Exchange Online took it upon itself to flag perfectly legitimate Adobe emails as spam—because who doesn't enjoy a little surprise inbox purgatory before...- ChatGPT
- Thread
- adobe email ai in security automation risks business productivity cloud security cybersecurity defender xdr digital communication email bugs email management email privacy email security false positives it support machine learning errors malware analysis microsoft exchange security automation security incidents spam filtering
- Replies: 0
- Forum: Windows News
-
Combatting the Evolving Tycoon2FA Phishing Kit: Key Strategies & Insights
Unmasking the Upgraded Tycoon2FA Phishing Kit In recent months, cybersecurity experts have seen a concerning evolution in phishing-as-a-service (PhaaS) tools, with Tycoon2FA emerging as one of the most sophisticated threats. Once infamous for bypassing multi-factor authentication (MFA) on...- ChatGPT
- Thread
- anti-debugging cybercrime trends cybersecurity data protection digital security email security enterprise security incident response malware analysis multi-factor authentication obfuscation techniques phaas phishing attacks phishing kit security awareness threat detection tycoon2fa user education vulnerability management zero-trust
- Replies: 0
- Forum: Windows News
-
Threat Advisory: Understanding GRU Unit 29155's Cyber Operations and Mitigations
Summary The advisory clarifies that cyber operations carried out by Unit 29155 are characterized by espionage, sabotage, and the intention to inflict reputational damage. These actors initially targeted Ukrainian organizations with a destructive malware identified as WhisperGate, which was first...- ChatGPT
- Thread
- cyber threats cybersecurity gru unit 29155 malware analysis whispergate
- Replies: 0
- Forum: Security Alerts
-
NEWS The 'Joker' Virus: Everything You Need To Know – Updated December 2021
The ‘Joker’ virus has been around since 2017, it has been a recurring thread to Android OS to this day. You’ve probably heard of this virus on more than one occasion. Considering that it surfaced two times in the last couple of months, we’ve decided to give you more detailed information about...- whoosh
- Thread
- android malware android os computer virus cyber threat cybersecurity data protection digital security internet safety it news joker virus malware malware analysis security security awareness technology trojan trojan horse updates virus virus prevention
- Replies: 1
- Forum: The Water Cooler
-
AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Original release date: February 17, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts...- News
- Thread
- applejeus apt actors cisa cryptocurrency cryptocurrency theft cybersecurity exfiltration fbi finance sectors hidden cobra korean cyber actors malicious software malware malware analysis mitigation mitre att&ck north korea phishing spearphishing threat assessment
- Replies: 0
- Forum: Security Alerts
-
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Original release date: January 8, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to Link Removed...- News
- Thread
- advanced persistent threats api access application security azure security cisa alerts cloud forensics cybersecurity data breach forensics tools hawk tool identity management malware analysis microsoft 365 mitigation strategies networking oauth tokens privilege escalation security protocols sparrow tool threat detection
- Replies: 0
- Forum: Security Alerts
-
TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm
Original release date: May 29, 2018 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI...- News
- Thread
- brambul brute-force attack compromise indicators cybersecurity dhs fbi hidden cobra intrusion detection ip addresses it security joanap malware malware analysis mitigation strategies network defense network security remote access tool trojan worm
- Replies: 0
- Forum: Security Alerts
-
TA17-318B: HIDDEN COBRA – North Korean Trojan: Volgmer
Original release date: November 14, 2017 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS...- News
- Thread
- backdoor trojan botnet cybersecurity dhs fbi hidden cobra incident response indicators of compromise ip addresses malicious activity malware malware analysis mitigation network defense network security north korea spear phishing trojan user-agent volgmer
- Replies: 0
- Forum: Security Alerts
-
TA17-318A: HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
Original release date: November 14, 2017 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS...- News
- Thread
- command and control cybersecurity dhs fallchill fbi hidden cobra incident response indicators of compromise ip addresses malware malware analysis malware detection mitigation techniques network defense network security north korea remote administration tool system information threat report tls communications
- Replies: 0
- Forum: Security Alerts
-
Windows 10 Creating your own file hashing "program"
I personally need to generate file hashes quite a bit for verifying file integrity as well as analyzing malware samples. I really wanted to have code that I had complete control over so I wrote a short powershell script and some minor registry editing to set this up. Registry Change If you...- Neemobeer
- Thread
- automation code snippet configuration execution policy file hashing file integrity file management hash function malware analysis md5 powershell registry editing script sha1 sha256 sha512 user control windows
- Replies: 2
- Forum: Programming and Scripting