Malware

DanaBot Communications Update

Mon 20 September 2021

This short blog post is about the minor changes introduced in version 1987 of DanaBot.

Malware

Dridex Loader Analysis

Tue 06 April 2021

This article is a deep dive into the Dridex Loader.

Malware

Lockbit analysis

Fri 02 October 2020

This article is a deep dive into LockBit's IOCP and encryption process.

Vulnerability

Pentesting a banking FTP service

Tue 24 March 2020

This article presents an exploitation scenario encountered during a common penetration test.

Malware

Whitepaper: The Lazarus Constellation - A study on North-Korean malware

Mon 09 March 2020

In this whitepaper, Lexfo analyses Lazarus malware, from motives, through techniques, tactics and procedures, to detection and mitigation.

Vulnerability

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 1/4)

Tue 02 October 2018

The first article covers an in-depth CVE/bug analysis, designs an attack scenario and starts implementing a PoC in ring-0 with SystemTap. The core concept section focuses on file/socket related data structures, netlink and refcounters.
