Decoding a New JavaScript Malware Campaign Recently researchers from HuntressLabs shared data about a case where a fake DocuSign document resulted in a network compromise involving AvosLocker &...
New JavaScript Malware - Fake DocuSign Invoices
Using ChatGPT to Visualize Ransomware Leak Site Data
Using ChatGPT to Visualize Ransomware Leak Site Data Recently I wanted to test out if I could use OpenAI’s ChatGPT to assist with analyzing trends around ransomware leak site postings. Project ...
Yanlouwang Ransomware Leaks
Yanlouwang Ransomware Leaks Analysis On October 31st, the Twitter account @yanluowangleaks published communication data from Yanlouwang ransomware. The data appear to be leaked from matrix chat ser...
Minecraft & IT software targeted with fake websites & Remote Access Trojans
Minecraft & IT software targeted with fake websites & Remote Access Trojans Background research In January of 2022 Félix Aimé from SEKOIA shared a detailed Twitter thread about a t...
ViperSoftx Expanded - Torrents lead to JavaScript-based Cryptocurrency Stealers
ViperSoftx Expanded - Torrents lead to JavaScript-based Cryptocurrency Stealers Table of Contents: Prior Research PowerShell Analysis and Pivoting Malware Distribution Browser Ext...
Choziosi Loader Analysis
Choziosi Loader: Multi-platform campaign delivering browser extension malware In January 2022 a new malware campaign delivering Chrome extensions was identified by @x3ph1. Originally this m...
HeatMap Visualization with Python
Motivation and Game Plan Recently I wanted to build a tool to visualize timestamp data, specifically to display a heatmap of activity by hour and day of week. I started off by reading over this tu...
Conti Ransomware Leaks
The Conti Ransomware Leaks Background On February 25th 2022 the Conti Ransomware crew declared they support the Russian government: “The Conti Team is official announcing a full support of Russ...
Malware Analysis Resources and Tools
Resources for Malware Analysis Online Tools MalPedia: https://malpedia.caad.fkie.fraunhofer.de/library VirusTotal: https://www.virustotal.com/ MalwareBazaar: https://b...
Tweetdeck for Threat Intel
Twitter is undeniably a great resource for learning about security. A lot of people share information on malware, phishing, new vulnerabilities, exploits and more. Sometimes it can be difficu...