persistence Archives

Hot Topics

Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader
The Role of Digital Adoption in Email Deliverability & Security
Demystifying SOC 2 Compliance for Startups: A Simple Guide
Happy Canada Labour Day! / Bonne Fête du Travail Canadienne!
Happy United States Labor Day 2024 / Feliz Fin de Semana del Día del Trabajo de Estados Unidos 2024 / Joyeux Fin de Semaine de la Fête du Travail aux États-Unis 2024

GHOSTENGINE Exploit: Vulnerable Drivers Facing Attack

Wajahat Raja | June 6, 2024 | BYOVD, Command-and-Control (C2), Cryptojacking, Cyber Threats, Cybersecurity, Cybersecurity News, Elastic Security Labs, Endpoint Detection and Response (EDR), Exploit, GHOSTENGINE, Microsoft Defender Antivirus, persistence, PowerShell Script, security protocols, System Performance, vulnerability patching, Vulnerable drivers, XMRig miner

A recent revelation in the cybersecurity realm uncovers a concerning development dubbed GHOSTENGINE, a cryptojacking campaign employing a sophisticated method to bypass security measures. In this blog, we’ll look at the GHOSTENGINE ...

TuxCare

PyPI Malicious Package Uploads Used To Target Developers

In light of the recent cybercriminal activity, new user sign-ups on the PyPI platform were halted. Currently, an increase in PyPI malicious package uploads is being deemed the reason behind the suspension ...

TuxCare

Mozi IoT Botnet: Kill Switch Halts Operations

Wajahat Raja | November 13, 2023 | Botnet disruption, Botnet operators, Botnet Takedown, Control payload, Cyber Threats, Cybersecurity, Cybersecurity Insights, Cybersecurity News, Digital realm protection, Internet of Things (IoT), kill switch, malicious actors, Malware families, Mozi IoT Botnet, Network Security, persistence

In a surprising turn of events, the Mozi botnet experienced a sudden and significant drop in malicious activities in August 2023. This unexpected decline was attributed to the deployment of a “kill ...

TuxCare

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

Richi Jennings | February 20, 2023 | cPanel, GoDaddy, GoDaddy hacked, godaddy.com, hacked WordPress, hosting, hosting provider, persistence, Persistent Threats, SB Blogwatch, webhosting, Website Hosting

GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware ...

Security Boulevard

This Mouse Gives you Admin on Windows

Richi Jennings | August 23, 2021 | Driver security in Windows 10, It only takes a shift-right-click, persistence, Privilege Escalation, Razer, SB Blogwatch

Razer gaming mice come with a classic elevation of privilege bug. And one that’s incredibly simple to exploit: Just plug in a mouse ...

Security Boulevard

Scranos Revisited – Rethinking persistence to keep established network alive

Bogdan Botezatu | June 25, 2019 | Anti-Malware Research, DLL Hijacking, persistence, Scranos, Whitepapers

In April, Bitdefender broke the news of an emerging botnet dubbed Scranos. Originating from China, it has spread across Europe and the United States, snaring Windows and Android devices with advertising fraud ...

Bitdefender Labs

The MITRE ATT&CK Framework: Persistence

Travis Smith | August 6, 2018 | ATT&CK, Featured Articles, MITRE Framework, persistence

When I first started researching ATT&CK last year, Persistence was the tactic which made me fall in love. Even though I have been in the industry for some time, I learned more ...

The State of Security

Many ways of malware persistence (that you were always afraid to ask)

Z | May 5, 2015 | Malware, persistence, Windows

TL;DR: Are you into red teaming? Need persistence? This post is not that long, read it ;)Are you into blue teaming? Have to find those pesky backdoors? This post is not that ...

Jump ESP, jump!

Kansa: Get-AutorunscDeep.ps1 — Taking Autorunsc to 11

davehull | March 25, 2015 | asep, autoruns, DFIR, entropy, Get-AutorunscDeep.ps1, IR, Kansa, persistence

I wanted to put up a quick post about a new Kansa collector I recently added -- Get-AutorunscDeep.ps1. Sysinternals' Autoruns is a great utility for finding auto-start extension points in Windows and ...

trustedsignal -- blog