Tracking Tick Through Recent Campaigns Targeting East Asia

This blog post is authored by Ashlee Benge and Jungsoo An, with contributions from Dazhuo Li. Summary Since 2016, an advanced threat group that Cisco Talos is tracking has carried out cyberattacks against South Korea and Japan. This group is known by several different names: Tick, Redbaldknight a...

Increased Use of a Delphi Packer to Evade Malware Classification

Introduction The concept of "packing" or "crypting" a malicious program is widely popular among threat actors looking to bypass or defeat analysis by static and dynamic analysis tools. Evasion of classification and detection is an arms race in which new techniques are traded and used in the wild...

Optima DDOS 10a Botnet leaked on Underground Forums

Optima DDOS 10a botnet leaked on Underground Forums On underground forums "Optima DDOS 10a Botnet " full version posted for all to download and use. Complete new version of the acclaimed DDoS bot Optima Darkness. In this new version 10a according to the author was raised in secrecy bot system and...

Prevx Registry value “KCSI” Exploit

Exploit for windows platform in category local exploits =================================== Prevx Registry value “KCSI” Exploit =================================== Prevx, trying to read the data contained in the registry value”\PCSI\KCSI”, and eventually make it null if it contains data...

Go2Call Cash Calling vulnerable

Hi, sorry fo my english. I found some bug in programm Go2Call Cash Calling It's dialer for talking from Internet Pc2Phone If you send a little UDP packets with size 1500 bytes for example 1472 chars 'A' on 5000 port then this prog will doesn't work The exploit is very easy a part of code on Delph...