Analyzing KSL0T (Turla’s #Keylogger)
Part 1: https://www.blog.virusbay.io/2019/08/01/analyzing-ksl0t-part-1/
Part 2: https://www.blog.virusbay.io/2019/08/01/analyzing-ksl0t-part-2/
Study on CSIRT landscape and IR capabilities in Europe 2025 — ENISA
RedTeam Tactics and Techniques
#infosec #pentest #redteam
Via Florian Hansemann
#Joker #malware has found a way to bypass the security checks to be published in the official #Google Play Store.
The #spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions.
#Python programming language: Now you can take NSA's free course for beginners
NSA releases Python course after receiving a Freedom of Information Act (FOIA) request for its training materials.
The Grand-Est region paralyzed for several days by ransomware.
The workstations used by some 7,500 staff were affected "across the region's various sites in Champagne-Ardenne, in Lorraine, and of course in Alsace, at the Grand-Est headquarters in Strasbourg. But the computers in the high schools, which are managed by the region, are also affected."
The US Defence Information Systems Agency (DISA) has confirmed it has been hacked and the personal data of 200,000 people has been compromised.
Analysis of an Unusual #HawkEye #Keylogger Sample.
Swiss CERT: Currently, we are observing HawkEye samples being distributed by large malspam waves. HawkEye is a keylogger which has been around quite a long time (since 2013) and has evolved since then and gained more functionality. There are several good blog posts about HawkEye in general. Recently we observed an interesting obfuscation method in a HawkEye binary, which we are going to describe in this blog post.
#AZORult #Trojan Uses Fake #ProtonVPN Installer to Disguise Attacks
New Snake #Ransomware Adds Itself to the Increasing Collection of Golang Crimeware
#AWS MIGRATION: Server Migration Service (SMS) from AWS is an agentless service that enables customers to simplify the AWS Migration process by automatically replicating live server volumes from their on-premises servers into AWS.
Give your #Linux system's firewall a #security boost.
Firewalls are great but they're ineffective if something goes wrong with them. The /etc/hosts.allow and /etc/hosts.deny files are the second line of defense against intruders.
IT Security Engineer.