Threat Research

Malware in images: When you can’t see 'the whole picture'

The attack on SolarWinds: Next-level stealth was key
The SunBurst supply chain attack, which was behind the breach of SolarWinds, took sophistication and patience.

PoorWeb - Hitching a Ride on Hangul
Tearing Down HWP Files To Expose a Trojan

Taidoor - a truly persistent threat
When malware lasts longer than your washing machine

Five Uses of YARA
YARA is a useful member of the toolset of researchers, threat hunters, incident responders, and many other defenders.

Hidden Cobra - from a shed skin to the viper’s nest
Enriching public threat intelligence

Mining for Malicious Ruby Gems
Typosquatting barrage on RubyGems software repository users

Hawkish applications lurking in your MacOS environment
macOS Blog 4 of 5: Catching the Proton Backdoor in your Video

Unpacking the Kwampirs RAT
Exposing Attack Campaigns, Hunting Threats and Delivering Actionable Threat Intelligence

Exposing Ryuk Variants Using YARA
Getting Ahead of Ryuk attacks using YARA Rules - Continued




