Community moderator Tristram (gh0x0st) shares with us an approach to scripting payload obfuscation via PowerShell in order to avoid AV and AMSI detection.

We'll use a reflected XSS vulnerability to frame the application login page in the IFrame trap, scrape the credentials from the login form as the victim…

Update: 10/15/2022
One of the hard parts of implementing a block like this is the concern that it will “break something”. The DFIR Report’s post on Bumblebee Round 2 has a great suggestion on how to detect legitimate (and illegitimate) use of ISO mounting…

At BlackHat CyberSecurity Conference 2022, Belgian security researcher Lennert Wouters revealed an attack he developed against the Starlink User Terminal. By creating a voltage fault injection on the device, Lennert was able to bypass the firmware security…

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do - a0rtega/pafish

Decompiler Explorer is an interactive online decompiler which shows equivalent C-like output of decompiled programs from many popular decompilers.

Introduction & Motivation Windows Sandbox is a feature that Microsoft added to Windows back in May 2019. As Microsoft puts it: Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the…

Sistema do governo do Brasil foi infectado com ransomware Everest na terça-feira (30). O impacto ainda incluiu um acesso que serve mais de 5 milhões de pessoas.

Foram 3 TB recolhidos e, agora, já temos alguns detalhes sobre a atuação do grupo cibercriminoso…

A Twitter post by the Twitter handle @DailyDarkWeb has informed that a ransom team is facilitating sale of unauthorized access for Brazilian Government. The name of the Ransom team is Everest.  The Twitter handle @DailyDarkWeb shared a screenshot of the update…