Colins Security Blog

New JavaScript Malware - Fake DocuSign Invoices

Decoding a New JavaScript Malware Campaign Recently researchers from HuntressLabs shared data about a case where a fake DocuSign document resulted in a network compromise involving AvosLocker &...

Using ChatGPT to Visualize Ransomware Leak Site Data

Using ChatGPT to Visualize Ransomware Leak Site Data Recently I wanted to test out if I could use OpenAI’s ChatGPT to assist with analyzing trends around ransomware leak site postings. Project ...

Yanluowang Ransomware Leaks

Yanluowang Ransomware Leaks Analysis On October 31st the Twitter account @yanluowangleaks published communication data from Yanluowang ransomware. The data appear to be leaked from Matrix chat ser...

Minecraft & IT software targeted with fake websites & Remote Access Trojans

Minecraft & IT software targeted with fake websites & Remote Access Trojans Background research In January of 2022 Félix Aimé from SEKOIA shared a detailed Twitter thread about a t...

ViperSoftx Expanded - Torrents lead to JavaScript-based Cryptocurrency Stealers

ViperSoftx Expanded - Torrents lead to JavaScript-based Cryptocurrency Stealers Table of Contents: Prior Research PowerShell Analysis and Pivoting Malware Distribution Browser Ext...

Choziosi Loader Analysis

Choziosi Loader: Multi-platform campaign delivering browser extension malware In January 2022 a new malware campaign delivering Chrome extensions was identified by @x3ph1. Originally this m...

HeatMap Visualization with Python

Motivation and Game Plan Recently I wanted to build a tool to visualize timestamp data, specifically to display a heatmap of activity by hour and day of week. I started off by reading over this tu...

Conti Ransomware Leaks

The Conti Ransomware Leaks Background On February 25th 2022 the Conti Ransomware crew declared they support the Russian government: “The Conti Team is official announcing a full support of Russ...

Malware Analysis Resources and Tools

Resources for Malware Analysis Online Tools MalPedia: https://malpedia.caad.fkie.fraunhofer.de/library VirusTotal: https://www.virustotal.com/ MalwareBazaar: https://b...

Tweetdeck for Threat Intel

Twitter is undeniably a great resource for learning about security. A lot of people share information on malware, phishing, new vulnerabilities, exploits and more. Sometimes it can be difficu...