Malware
DanaBot Communications Update
Mon 20 September 2021
This short blog post is about the minor changes introduced in the version 1987 of DanaBot.
Read moreMalware
Dridex Loader Analysis
Tue 06 April 2021
This article is a deep dive into the Dridex Loader
Read moreMalware
Lockbit analysis
Fri 02 October 2020
This article is a deep dive into the IOCP and encryption process from LockBit in depth.
Read moreVulnerability
Pentesting a banking FTP service
Tue 24 March 2020
This articles intends to bring an exploitation scenario encountered during a common penetration test.
Read moreMalware
Whitepaper: The Lazarus Constellation - A study on North-Korean malware
Mon 09 March 2020
In this whitepaper, Lexfo analyses Lazarus malwares, from their motives, to their detection and mitigation, through their techniques, tactics, procedures.
Read moreVulnerability
CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 1/4)
Tue 02 October 2018
The first article covers an in-depth CVE/bug analysis, designs an attack scenario and starts implementing a PoC in ring-0 with SystemTap. The core concept section focuses on file/socket related data structures, netlink and refcounters.
Read more