Some stuff about security..

DISCLAIMER: This blog is a set of personal notes I have decided to make public. Please, ignore any typo or language error

Wednesday, December 27, 2017

Qrypter Java RAT using Tor

Since the 16th of December, almost on a daily basis, I'm seeing a particular family of Java Remote Access using Tor. The samples ...

Monday, November 20, 2017

Hunting for Microsoft Equation Vulnerability - CVE-2017-11882

Since Microsoft released November patches last week where CVE-2017-11882 was addressed, I've been trying to get a sample in order to p...

Sunday, November 19, 2017

Detecting Adwind malware weaponized in MS office documents

On a daily basis I see a lot of Adwind malware trying to infect end users. Adwind is a multiplatform Remote Access Trojan (RAT) which has b...

Saturday, October 21, 2017

Hunting APT28 CVE-2017-11292 Flash Vulnerability

Proofpoint made public a couple of days ago that APT28 is using the last Flash 0-day CVE-2017-11292 via some malicious weaponized DOC files;...

Sunday, October 15, 2017

Hunting FIN7 malicious documents

A few days ago I read an interesting post about some new technique that FIN7 Threat Actors are using to deliver malicious payloads in RTF a...