CSIRT

Cobalt Strike Investigation - Part 2

Thu 09 March 2023

This second part will focus on the 'jump' command in Cobalt Strike, used to establish a connection from a compromised system to the command and control (C2) server.

Read more
CSIRT

Cobalt Strike Investigation Part 1

Tue 20 September 2022

Cobalt Strike Investigation - Part 1

Read more
Vulnerability

Obfuscated obfuscation

Mon 11 April 2022

This article is a step-by-step guide to reverse an APK protected with DexGuard using Jadx

Read more
Malware

AvosLocker Ransomware Linux Version Analysis

Wed 02 March 2022

Avoslocker analysis

Read more
Malware

DanaBot Communications Update

Mon 20 September 2021

This short blog post is about the minor changes introduced in the version 1987 of DanaBot.

Read more
Malware

Dridex Loader Analysis

Tue 06 April 2021

This article is a deep dive into the Dridex Loader

Read more