As part of my disaster recovery plan, I want to have offline backup of 2FA codes for online banking to generate OTPs without my phone in case of emergency. This required reverse engineering my bank’s Android OTP application, that I expected would reveal some…

SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 PoC - SharePwn_public.py

I got my hands on a new sample of Android/BianLian (sha256: 0070bc10699a982a26f6da48452b8f5e648e1e356a7c1667f393c5c3a1150865), a banking…

Malware Analysis and Threat Intelligence Research

Introducing a novel technique for e-mail spoofing

File syncing applications, while providing convenient solutions for seamless collaboration and data access within organizations, also pose…

On-premises to cloud lateral movement should be one of the top techniques in a red teamer’s arsenal. Difficult to detect and pervasive in nature, these techniques attract the likes of APT groups like Nobellium who have increased their focus on abusing identity…

There are 117 notable activities attributed to Lazarus and his family.

We introduce a new white-box cryptanalysis tool based on the pioneering BGE paper but without known open source public implementation so far.

As seen in most security blog posts today, binary diffing tools are essential for reverse engineering, vulnerability research, and malware analysis. Patch diffing is a technique widely used to identify changes across versions of binaries as related to security…