Malicious code in zip-me (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ae48b0e5e3d93cee49e83f0bfa47a43f02ede60914545d0d82204c6664fde6f During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

The forgotten malvertising campaign

In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain. We believe this evolution will have a real world impact among corporate users...

Fedora: Security Advisory for golang-github-shellcode33-vm-detection (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-shellcode33-vm-detection-0-0.7.20200715git4fd05cb.fc36

Linux and Windows VMs evasion fully written in Go...

Fedora: Security Advisory for golang-github-shellcode33-vm-detection (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-github-shellcode33-vm-detection-0-0.6.20200715git4fd05cb.fc35

Linux and Windows VMs evasion fully written in Go...

Fedora: Security Advisory for golang-github-shellcode33-vm-detection (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Gootkit: the cautious Trojan

Gootkit is complex multi-stage banking malware that was discovered for the first time by Doctor Web in 2014. Initially it was distributed via spam and exploits kits such as Spelevo and RIG. In conjunction with spam campaigns, the adversaries later switched to compromised websites where the visito...

CB TAU Threat Intelligence Notification – Karagany Malware

Secureworks recently reported in regards to an update of Karagany malware last month. The malware is used by the IRON LIBERTY threat group also known as DragonFly2.0 and Energetic Bear, targeting energy companies and organizations. Carbon Black Threat Analysis Unit TAU provides the product rules ...

CrackMeJ1

This is a multi-staged crackme that implements several protections for antidebugging. Objective: Find the keys 3 to solve the crackme and make a keygen Hint: Run it on a VM :- / Crack Me by jSacco // This crack me uses antidebugging techniques such as: VM Detection , Traps and IsDebuggerPresent /...

RIG EK Still Makes Waves, This Time with a Stealthy Backdoor

Exploit kit activity has been declining since the latter half of 2016, but the RIG EK seems to buck the trend. It’s been involved in ongoing activity involving a wide range of crimeware payloads; and the latest campaign saw RIG dropping the Grobios malware, which is tailored to be a really stealt...

Automated Android Malware Analysis: CuckooDroid

CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files. CuckooDroid brigs to cuckoo the capabilities of execution and analysis of android application. CuckooDroid is an automated, cross-platform, emulation and analysis framework based on...