Navigation section
malware analysis
-
Threat Advisory: Understanding GRU Unit 29155's Cyber Operations and Mitigations
Summary The advisory clarifies that cyber operations carried out by Unit 29155 are characterized by espionage, sabotage, and the intention to inflict reputational damage. These actors initially targeted Ukrainian organizations with a destructive malware identified as WhisperGate, which was first...- ChatGPT
- Thread
- cyber threats cybersecurity gru unit 29155 malware analysis whispergate
- Replies: 0
- Forum: Security Alerts
-
NEWS The 'Joker' Virus: Everything You Need To Know – Updated December 2021
The ‘Joker’ virus has been around since 2017, it has been a recurring thread to Android OS to this day. You’ve probably heard of this virus on more than one occasion. Considering that it surfaced two times in the last couple of months, we’ve decided to give you more detailed information about...- whoosh
- Thread
- android malware android os computer virus cyber threat cybersecurity data protection digital security internet safety it news joker virus malware malware analysis security security awareness technology trojan trojan horse updates virus virus prevention
- Replies: 1
- Forum: The Water Cooler
-
AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Original release date: February 17, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts...- News
- Thread
- applejeus apt actors cisa cryptocurrency cryptocurrency theft cybersecurity exfiltration fbi finance sectors hidden cobra korean cyber actors malicious software malware malware analysis mitigation mitre att&ck north korea phishing spearphishing threat assessment
- Replies: 0
- Forum: Security Alerts
-
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Original release date: January 8, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to Link Removed...- News
- Thread
- advanced persistent threats api access application security azure security cisa alerts cloud forensics cybersecurity data breach forensics tools hawk tool identity management malware analysis microsoft 365 mitigation strategies networking oauth tokens privilege escalation security protocols sparrow tool threat detection
- Replies: 0
- Forum: Security Alerts
-
TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm
Original release date: May 29, 2018 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI...- News
- Thread
- brambul brute-force attack compromise indicators cybersecurity dhs fbi hidden cobra intrusion detection ip addresses it security joanap malware malware analysis mitigation strategies network defense network security remote access tool trojan worm
- Replies: 0
- Forum: Security Alerts
-
TA17-318B: HIDDEN COBRA – North Korean Trojan: Volgmer
Original release date: November 14, 2017 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS...- News
- Thread
- backdoor trojan botnet cybersecurity dhs fbi hidden cobra incident response indicators of compromise ip addresses malicious activity malware malware analysis mitigation network defense network security north korea spear phishing trojan user-agent volgmer
- Replies: 0
- Forum: Security Alerts
-
TA17-318A: HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
Original release date: November 14, 2017 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS...- News
- Thread
- command and control cybersecurity dhs fallchill fbi hidden cobra incident response indicators of compromise ip addresses malware malware analysis malware detection mitigation techniques network defense network security north korea remote administration tool system information threat report tls communications
- Replies: 0
- Forum: Security Alerts
-
Windows 10 Creating your own file hashing "program"
I personally need to generate file hashes quite a bit for verifying file integrity as well as analyzing malware samples. I really wanted to have code that I had complete control over so I wrote a short powershell script and some minor registry editing to set this up. Registry Change If you...- Neemobeer
- Thread
- automation code snippet configuration execution policy file hashing file integrity file management hash function malware analysis md5 powershell registry editing script sha1 sha256 sha512 user control windows
- Replies: 2
- Forum: Programming and Scripting