
MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

Today I’d like to share an interesting analysis of a targeted attack found and dissected by Yoroi (technical details are available here). At first sight, the Office document had encrypted content available in OleObj.1 and OleObj.2. And why would the attacker use an encrypted payload if the victim cannot open it?


First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc., 3:18-cv-00969 (N.D.



Step By Step Office Dropper Dissection

Security Affairs

This is not going to be a full-path analysis, so if you are interested in a more complete one, including dissection steps on the final payloads, please refer to some of my previous analyses (HERE, HERE, HERE) or to Yoroi’s blog. The variable used holds a Base64 representation of encrypted data. Traffic patterns (Stage 3).


Is Emotet gang targeting companies with external SOC?

Security Affairs

Today I’d like to share a quick analysis resulting from a very interesting email which claimed to deliver a SOC “weekly report” to the victim’s mailbox. Technical analysis. Analysis of the dropped and executed file (Emotet). AV and plenty of static traffic signatures confirm we are facing a new encrypted version of the Emotet trojan.


Croatian government agencies targeted with new SilentTrinity malware

Security Affairs

“The SilentTrinity malware can take control over an infected computer; it allows attackers to execute arbitrary commands,” reads the analysis published by Positive Technologies. Further technical details, including IoCs, are reported in the analysis shared by the experts. The result is sent back to the C2 server.


OilRig APT group: the evolution of attack techniques over time

Security Affairs

Security researcher Marco Ramilli presents a comparative analysis of the attack techniques adopted by the Iran-linked OilRig APT group. Today I’d like to share a comparative analysis of how OilRig’s techniques have mutated over time. The original post and other interesting analyses are published on Marco Ramilli’s blog: [link].


Malware researcher reverse engineered a threat that went undetected for at least 2 years

Security Affairs

At analysis time, only very few antivirus engines (6 out of 60) were able to “detect” the sample. In this stage the JavaScript loads encrypted content from the original JAR, decrypts that content using a key and finally loads it in memory (dynamic class loader) in order to run it as new Java code.
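As an added triage example (not code from these posts, nor from Yoroi’s or Marco Ramilli’s analyses), the script below shows the two first-pass checks a practitioner would run on the artefacts described in the dropper dissection above and in this JAR-based threat: pull long Base64 string literals out of an Office dropper’s macro text and measure the entropy of the decoded bytes (the “variable holding a Base64 representation of encrypted data”), and walk a JAR’s entries to flag script stages and high-entropy resources of the kind the JavaScript loader decrypts and class-loads. The macro text and the JAR are constructed inline and are not the real samples; the 7.0 bits/byte threshold and the 40-character minimum literal length are assumptions; the decryption routine and key are not described on the page, so the block only locates the encrypted material rather than decrypting it.

```python
import base64
import hashlib
import io
import math
import os
import re
import zipfile
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: text sits around 4-5, encrypted or compressed data close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


# ---- Office dropper side: Base64 string literals inside macro/script text ----
# Quoted runs of Base64 alphabet; 40+ chars skips short benign strings (assumed cut-off).
B64_LITERAL = re.compile(rb'"([A-Za-z0-9+/]{40,}={0,2})"')


def find_base64_payloads(script_text: bytes, min_entropy: float = 7.0) -> list:
    """Decode every long Base64 literal and report whether the decoded bytes look encrypted."""
    hits = []
    for m in B64_LITERAL.finditer(script_text):
        literal = m.group(1)
        try:
            raw = base64.b64decode(literal, validate=True)
        except ValueError:  # binascii.Error is a ValueError: bad alphabet or padding
            continue
        ent = shannon_entropy(raw)
        hits.append({
            "literal_prefix": literal[:16].decode("ascii"),
            "decoded_len": len(raw),
            "entropy": round(ent, 2),
            "looks_encrypted": ent >= min_entropy,
        })
    return hits


# ---- JAR side: script entries plus high-entropy resources a loader would decrypt ----
def triage_jar(jar_bytes: bytes, min_entropy: float = 7.0) -> list:
    """Walk a JAR (a ZIP) and flag script entries and resources whose bytes look encrypted."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as z:
        for info in z.infolist():
            if info.is_dir():
                continue
            data = z.read(info.filename)  # decompressed, so entropy reflects the payload itself
            ext = os.path.splitext(info.filename)[1].lower()
            ent = shannon_entropy(data)
            findings.append({
                "name": info.filename,
                "size": len(data),
                "entropy": round(ent, 2),
                "is_script": ext in {".js", ".jse"},
                "looks_encrypted": ent >= min_entropy,
            })
    return findings


# ---- Constructed samples (stand-ins, not artefacts from the posts) ----
def sample_ciphertext() -> bytes:
    """Deterministic high-entropy bytes standing in for an encrypted payload (SHA-256 chain, 2048 bytes)."""
    return b"".join(hashlib.sha256(b"stand-in-ciphertext-%d" % i).digest() for i in range(64))


def sample_macro_text() -> bytes:
    """Constructed VBA-like text: one benign Base64 literal and one carrying the stand-in ciphertext."""
    benign = base64.b64encode(b"Harmless configuration text, repeated for length. " * 3)
    payload = base64.b64encode(sample_ciphertext())
    return (b'Dim banner As String\nbanner = "' + benign + b'"\n'
            b'Dim blob As String\nblob = "' + payload + b'"\n')


def sample_jar() -> bytes:
    """Constructed JAR: manifest, a JavaScript loader stage and the resource it would decrypt."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\nMain-Class: Loader\n")
        z.writestr("loader.js", "var key = 'k'; load(decrypt(readResource('data.bin'), key));\n")
        z.writestr("data.bin", sample_ciphertext())
    return buf.getvalue()


if __name__ == "__main__":
    for hit in find_base64_payloads(sample_macro_text()):
        print("macro literal", hit)
    for f in triage_jar(sample_jar()):
        print("jar entry", f)
```

Entropy alone only says “this is not plaintext or bytecode”: a flagged literal or resource still needs the surrounding decode/decrypt routine read out of the macro or the JavaScript stage before the key and cipher can be recovered, which is the part of the dissection the posts linked above cover.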