Another day I was watching this video (link and player below) about ideas on how to detect injection attacks via CobaltStrike, which is such a powerful offensive testing solution. I realized that many of the ideas presented in the video somehow relate to SECRET papers; Here I explain how. The Read more…
In case you are a security professional, you likely already know about the Solarwinds hacking case. In case you aren’t, you can check it here. In a brief, their software was backdoor-ed and distributed to many customers. Here are our thoughts about the case and the associated payloads. An important Read more…
Another day, another ransomware! It seems Brazil has been facing a ransomware wave and this time Embraer, the Brazilian aircraft manufacturer, was the target (Check news here). Here our brief analysis goes. The file said to have attacked Embraer is available in our sandbox solution (link here). It is a Read more…
We have previously analyzed a malware sample claimed to have attacked the Brazilian Justice Court (Check here). After that, a new payload arrived. It is a Windows malware–available on Virustotal (check here)–, such that we are not sure what is its relation with the previous Linux one. Anyway, let’s analyze Read more…
Yesterday, the world got the news that the Brazilian Supreme Justice Court was the target of a ransomware attack, and had all of their data (and backup) encrypted (check here). What really motivated this attack is still unclear, and several questions arise: Was it performed by a cyber criminal? A Read more…
If you read any of the SECRET papers, it is not a SECRET for you that using Machine Learning (ML) to detect malware is a challenging endeavor. In one of these papers, we presented the results of our participation in a machine learning-based malware detection evasion challenge dating back 2019. Read more…
Obfuscation is often used by malware samples to hide their SECRETs, but we know how to uncover them. Want to know as well? Check our guide here.