persistence
GHOSTENGINE Exploit: Vulnerable Drivers Facing Attack
A recent revelation in the cybersecurity realm uncovers a concerning development dubbed GHOSTENGINE, a cryptojacking campaign employing a sophisticated method to bypass security measures. In this blog, we’ll look at the GHOSTENGINE ...
PyPI Malicious Package Uploads Used To Target Developers
In light of the recent cybercriminal activity, new user sign-ups on the PyPI platform were halted. Currently, an increase in PyPI malicious package uploads is being deemed the reason behind the suspension ...
Mozi IoT Botnet: Kill Switch Halts Operations
In a surprising turn of events, the Mozi botnet experienced a sudden and significant drop in malicious activities in August 2023. This unexpected decline was attributed to the deployment of a “kill ...
GoDaddy Hosting Hacked — for FOURTH Time in 4 Years
GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware ...
This Mouse Gives you Admin on Windows
Razer gaming mice come with a classic elevation of privilege bug. And one that’s incredibly simple to exploit: Just plug in a mouse ...
Scranos Revisited – Rethinking persistence to keep established network alive
In April, Bitdefender broke the news of an emerging botnet dubbed Scranos. Originating from China, it has spread across Europe and the United States, snaring Windows and Android devices with advertising fraud ...
The MITRE ATT&CK Framework: Persistence
When I first started researching ATT&CK last year, Persistence was the tactic which made me fall in love. Even though I have been in the industry for some time, I learned more ...
Many ways of malware persistence (that you were always afraid to ask)
TL;DR: Are you into red teaming? Need persistence? This post is not that long, read it ;) Are you into blue teaming? Have to find those pesky backdoors? This post is not that ...
Kansa: Get-AutorunscDeep.ps1 — Taking Autorunsc to 11
I wanted to put up a quick post about a new Kansa collector I recently added -- Get-AutorunscDeep.ps1. Sysinternals' Autoruns is a great utility for finding auto-start extension points in Windows and ...