Researchers at Emsisoft developed a decryptor for the Planetary Ransomware family that could allow victims to decrypt their files for free. Good news for the victims of the Planetary Ransomware, security firm Emsisoft has released a decryptor that...
Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively...
ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original...
Malware researcher and founder of Yoroi Marco Ramill described a step-by-step procedure that shows how to dissect an Office dropper. During the past few weeks, I received several emails asking how to dissect Office Payloads. While I was thinking...
NSA released the complete source code for its GHIDRA suite, the version 9.0.2 is available on the Agency's Github repository. In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering...
Security experts at Trend Micro spotted a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application. Trend Micro discovered a new variant of the XLoader Trojan that is targeting Android devices by posing...
Crime without punishment: Group-IB issues a new report on JS-sniffers that infected 2440 websites around the world Group-IB, an international company that specializes in preventing cyberattacks, has issued a new comprehensive report on the analysis...
Cybaze-Yoroi ZLAB malware researchers decided to use the NSA Ghidra suite in a real case study, the analysis of the AZORult malware. Introduction One of the most expected moments in the infosec community during the last few months was, with no doubt,...
The popular expert unixfreaxjp analyzed a new China ELF DDoS'er malware tracked as "Linux/DDoSMan" that evolves from the Elknot malware to deliver new ELF bot. Non-Technical-Premise “This report is meant for incident response or Linux forensics...
Another ransomware attack made the headlines, this time the victim is the City of Albany, its computer systems were infected with the malware. Computer systems in the City of Albany, New York, were infected with ransomware over the weekend that disrupted...