Groundhog day: NPM package caught stealing browser passwords

This blog discusses the process used to find another NPM package that steals saved Chrome browser passwords.

Data Exfiltrator

A New Tactic for Ransomware Adversaries

Third-party code comes with some baggage

Recognizing risks introduced by statically linked third-party libraries

It only takes one line of code to ruin your day

They say there’s no such thing as bad press, but getting name recognition for a data breach never feels good. Enter Codecov.

Spotting malicious Excel4 macros

Relying on legacy functionalities comes with inherent security risks

Code Reuse Across Packers and DLL Loaders

One of the core tenets of computer science is code reuse.

DotNET Loaders

Many families of remote access trojan (RAT) are .NET executables.

Malware in images: When you can’t see 'the whole picture'

The attack on SolarWinds: Next-level stealth was key

The SunBurst supply chain attack, which was behind the breach of SolarWinds, took sophistication and patience.

Rana Android Malware

Your past catches up, sooner or later...

PoorWeb - Hitching a Ride on Hangul

Tearing Down HWP Files To Expose a Trojan

Taidoor - a truly persistent threat

When malware lasts longer than your washing machine

Excel 4.0 Macros

The Risk of Hidden Threats in Compound Files

Five Uses of YARA

YARA is a useful member of the toolset of researchers, threat hunters, incident responder, and many other defenders.

Hidden Cobra - from a shed skin to the viper’s nest

Enriching public threat intelligence