Some stuff about security..

DISCLAIMER: This blog is a set of personal notes I have decided to make public. Please, ignore any typo or language error

Monday, September 2, 2019

WSH RAT and the link to unknowcrypter and Fudcrypt

There are plenty of malspam campaigns using the code "MT103" from SWIFT to claim some kind of payments. ...
Sunday, February 3, 2019

Unknowncrypter, the crypter twin of Fudcrypt: another Crypter-as-a-Service for Java and JS

Last week I wrote about a Crypter-as-a-Service named Fudcrypt which obfuscates Java RATs in VBS scripts. However, this is not the only ser...
Sunday, January 27, 2019

Fudcrypt: the service to crypt Java RAT through VBS scripts and Houdini malware

The existence of services to encrypt and obfuscate malware in order to avoid antivirus detection is nothing new at all. In this blog I wrote...
Monday, December 31, 2018

Knowing your adversaries and their TTPs. The Gozi case

Gozi (aka Ursnif), like many other financial malware, is used by several different actors operating world-wide. On a daily basis I see Gozi ca...
Saturday, November 24, 2018

Hunting malware in memory. A Gozi case.

Some of the actors using Gozi / Ursnif take advantage of compromised emails (BEC) to deliver weaponised Microsoft Office documents. This is...
Monday, August 6, 2018

Gozi malspam campaign mimicking Swisscom on 30th July 2018

A few days ago GovCERT.ch informed via Twitter about a malspam campaign mimicking Swisscom invoices. The malware delivered in the la...