In the ever-evolving landscape of cybersecurity, malicious actors constantly seek new ways to infiltrate computer systems, wreak havoc, and exploit vulnerabilities. One of their most insidious tools is polymorphic malware, a shape-shifting threat that challenges traditional defense mechanisms and poses a formidable challenge to organizations and individuals alike. In this blog post I will investigate […]
Read more "Polymorphic Malware Using #AI"Introduction to Prompting Artificial Intelligence (AI) has become an increasingly popular topic in recent years due to its potential to revolutionize various industries. The ability to automate tasks, analyze vast amounts of data, and make predictions has made AI a valuable tool for businesses and researchers alike. However, developing effective AI systems can be a […]
Read more "The Relevance of Prompts in AI and Cybersecurity"Artificial intelligence (AI) is a rapidly evolving field that involves the development of intelligent machines that can perform tasks that typically require human intelligence, such as visual perception, speech recognition, decision-making, and language translation. AI has the potential to revolutionize the way we work and live, with the ability to automate tasks and processes, increase […]
Read more "Many Generative Pre-Trained Transformer (GPT): a pragmatic evaluation."Recently (On March 18 2023 at 23:44), a new malspam campaign has been observed in the wild ( HERE ), which caused a significant amount of concern. This campaign is designed to distribute malicious emails, which contain a harmful payload that can infect a user’s system, steal sensitive information, or launch other types of attacks. […]
Read more "Reversing Emotet Dropping Javascript"During talks and presentations people often ask me how do I remember so many names, different “artifacts” (a.k.a Malware) and groups. I actually ended up with a “hemmm … well… actually I just remember them since I read and write a lot about cyber threats”. So here it comes the Malware Family CheatSheet. This work […]
Read more "Malware Families CheatSheet"I believe books can change a live. I do also believe that Artificial Intelligence might change the way we are working, improving, studying and interacting with each other. So why do not fit them together in an unique place ? Introducing Amazing Books Podcast, the first fully AI generated podcast on amazing books. I do […]
Read more "Amazing Books: The Podcast"Inroduction ChatGPT or more generally speaking OpenAI is an incredible tool. It is a spectacular instrument helping people in many different fields, it helps people to summarize text, to produce poem, to build images and music, to answer to difficult questions and to automatize complex processes. So I decided to dedicate an entire blog-post to […]
Read more "Threat Actors Sheets: OpenAI Generated !"During the past 4 months Microsoft Onenote file format has been (ab)used as Malware carrier by different criminal groups. While the main infection vector is still on eMail side – so nothing really relevant to write on – the used techniques, the templates and the implemented code to inoculate Malware changed a lot. So it […]
Read more "Onenote Malware: Classification and Personal Notes"Initial Access Brokers (IAB) are still the main way cyber criminals use to get access to their next target, but in 2022, as never before, I saw an increment of exploited vulnerabilities used by threat actors as initial vector or escalation vector. This behavior highlights the rise of a new skill-set belonging with specific actors […]
Read more "Most Exploited Vulnerabilities in 2022"Introduction Today I’d like to share a quick analysis initiated during a threat hunting process. The first observable was found during hunting process over OSINT sources, the entire infrastructure was still up and running during the analyses as well as malicious payload were downloadable. Analysis My first observable was a zipped text file compressing a […]
Read more "Is Hagga Threat Actor (ab)using FSociety framework ?"