Phishing Kits: Threat Actors Analysis Research

Introduction Phishing kits are tools that dark side experts provide to the community of criminal phishers to facilitate the construction of malicious Web sites. As these kitsevolve in sophistication, providers of Web-based services need to keep pace withcontinuous complexity. Today I am proud to introduce a long time research that Andrea Venturi, Michele Colajanni, Giorgio […]

Read more "Phishing Kits: Threat Actors Analysis Research"

Running Shellcode Through Windows Callbacks

Introduction When I’ve firstly seen the technique behind the Shellcode execution through Microsoft Windows Callbacks, I thought it was pure magic. But then, digging a little bit on it, I figured out that it was just brilliant ! Nowadays this technique is quite used in underground communities to inject shellcode into running processes so I […]

Read more "Running Shellcode Through Windows Callbacks"

Cyber Threats Observatory Gets Improvements

Today I am so happy to announce a big improvement in the threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample […]

Read more "Cyber Threats Observatory Gets Improvements"