8 matches found
Malware Builder Leverages Discord Webhooks
On April 23rd, 2022, a Discord user with the handle “Portu” began advertising a new password-stealing malware builder. Malware builders are programs which so-called script kiddie hackers can craft their own executables on top of. Script kiddie is cybersecurity parlance for a novice hacker who use...
Operationalizing Threat Intelligence with User-Driven Automation
Security operations centers SOCs and threat analysts are struggling with ever-increasing and growing cyberthreats. Massive volumes of data created every second lead to new vulnerabilities and attack vectors. How do SOCs and incident response teams keep up with the threats happening across the...
BazaCall: Phony call centers lead to exfiltration and ransomware
Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart...
Phishing Attacks against Trump and Biden Campaigns
Google's threat analysts have identified state-level attacks from China. I hope both campaigns are working under the assumption that everything they say and do will be dumped on the Internet before the election. That feels like the most likely outcome...
Threat Intelligence – What It Is and Why You Need It
Threat intelligence is a broad term. Some might think it refers to having information about what threats are out there. But in the evolved world of cybersecurity, threat intelligence is actually a verb. Cybersecurity threat intelligence is the ability to take closed-source or open-source data fro...
How Office 365 learned to reel in phish
Today's post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Jason Rogers, Principal Group Program Manager at Microsoft. We recently reported how we measure catch rates of malicious emails for Office 365 Exchange Online Protection EOP available with any Office 365 subscripti...
How public-private partnerships can combat cyber adversaries
For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote...
PyREBox - Python scriptable Reverse Engineering Sandbox
PyREBox is a Python scriptable Reverse Engineering sandbox. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. PyREBox allows to inspect a running QEMU VM, modify its memory or registers, and to...