Phishing Kits: Threat Actors Analysis Research

Introduction Phishing kits are tools that dark side experts provide to the community of criminal phishers to facilitate the construction of malicious Web sites. As these kitsevolve in sophistication, providers of Web-based services need to keep pace withcontinuous complexity. Today I am proud to introduce a long time research that Andrea Venturi, Michele Colajanni, Giorgio […]

Read more "Phishing Kits: Threat Actors Analysis Research"

Running Shellcode Through Windows Callbacks

Introduction When I’ve firstly seen the technique behind the Shellcode execution through Microsoft Windows Callbacks, I thought it was pure magic. But then, digging a little bit on it, I figured out that it was just brilliant ! Nowadays this technique is quite used in underground communities to inject shellcode into running processes so I […]

Read more "Running Shellcode Through Windows Callbacks"

Cyber Threats Observatory Gets Improvements

Today I am so happy to announce a big improvement in the threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample […]

Read more "Cyber Threats Observatory Gets Improvements"

SWEED Targeting Precision Engineering Companies in Italy

Introduction Today I’d like to share a quick analysis of an interesting attack targeting precision engineering companies based in Italy. Precision engineering is a very important business market in Europe, it includes developing mechanical equipment for: automotive, railways, heavy industries and military grade technology . The attacker pretended to be a customer and sent to […]

Read more "SWEED Targeting Precision Engineering Companies in Italy"