Fake AI Installer Campaign Delivering an In-Memory Stealer via the ClickFix Technique
The latest ClickFix campaign has evolved beyond fake CAPTCHA prompts: ClickFix is now disguised as installation instructions for coding assistant software.
The rise of online gambling in Indonesia has created a loophole that is often exploited as a means of spreading spyware targeting mobile device users.
Ever wondered how hackers actually break into devices over public Wi-Fi? In this article, we walk through a real brute-force attack simulation, from scanning a network with Nmap to cracking login credentials using Hydra and SecLists.
Analyzing RagaSerpent’s “Tax Audit” malware campaign to uncover new indicators of compromise, enhancing detection accuracy and strengthening threat intelligence capabilities while staying ahead of evolving attack techniques.
Originally published on LinkedIn — reposting here because the thesis lands hardest in security work, where the gap between code that looks right and code that is right is the difference between green dashboards and a breach. A product manager asks an AI for a "one-click buy button."...
SmartLoader Campaign: The SmartLoader campaign represents a significant escalation in the sophistication of commodity malware distribution, establishing a critical new threat vector for organizational defense. By combining advanced evasion techniques with large-scale automation, this multi-stage loader poses a significant threat that demands an immediate reassessment of existing security...
Akira (REDBIKE) ransomware, emerging in 2023, is a sophisticated operation linked to the former Conti syndicate, extorting $42M from over 350 SMBs. It targets Windows, Linux, and ESXi systems, using a complex hybrid cryptosystem with ChaCha20, AES-256, and RSA-4096 via the Nettle library.