In this post, I present my impressions of this book I recently read. Why Am I Reading It? To start, I think it’s important to give some context, as things cannot be interpreted absolutely. In the book’s preface, the authors Read more…
Another day I was watching this video (link and player below) about ideas on how to detect injection attacks via CobaltStrike, which is such a powerful offensive testing solution. I realized that many of the ideas presented in the video Read more…
In case you are a security professional, you likely already know about the Solarwinds hacking case. In case you aren’t, you can check it here. In a brief, their software was backdoor-ed and distributed to many customers. Here are our Read more…
Another day, another ransomware! It seems Brazil has been facing a ransomware wave and this time Embraer, the Brazilian aircraft manufacturer, was the target (Check news here). Here our brief analysis goes. The file said to have attacked Embraer is Read more…
We have previously analyzed a malware sample claimed to have attacked the Brazilian Justice Court (Check here). After that, a new payload arrived. It is a Windows malware–available on Virustotal (check here)–, such that we are not sure what is Read more…
Yesterday, the world got the news that the Brazilian Supreme Justice Court was the target of a ransomware attack, and had all of their data (and backup) encrypted (check here). What really motivated this attack is still unclear, and several Read more…
If you read any of the SECRET papers, it is not a SECRET for you that using Machine Learning (ML) to detect malware is a challenging endeavor. In one of these papers, we presented the results of our participation in Read more…
Last year we were breaking machine learning models for malware detection. We were able to bypass all the models of the competition, finishing in the second position — unfortunately, it was not enough to win an NVIDIA graphic card, but Read more…
We are happy to share with you our newest machine learning secret! Scikit-multiflow 0.5 is now available, including our open-source contribution: delayed labels evaluation for supervised learning. We expect that the community makes great use of this new feature, which Read more…
Obfuscation is often used by malware samples to hide their SECRETs, but we know how to uncover them. Want to know as well? Check our guide here.