Pinned
Attackers get crafty with device code phishing. Invisible Unicode characters evade detection — and allow abuse of Microsoft 365's legitimate authentication to take over accounts without stealing passwords.
Full analysis and YARA rules:
ReversingLabs
5,765 posts
ReversingLabs
@ReversingLabs
ReversingLabs is the trusted name in file and software security.
RL — Trust Delivered.
- BREAKING #ReversingLabsResearch! Anatomy of an attack from ReversingLabs follows the breadcrumbs in the #SolarWinds compromise, revealing how attackers maintained stealth through sophistication and patience. Read more: hubs.ly/H0CK5gQ0 #SunBurst #SupplyChain #InfoSec
- #YARA rules are crucial for detecting #malware, which is why it's important to write high quality, detailed #YARArules for the latest #cyber threats. @ReversingLabs #ThreatAnalyst Laura Dabelic explains how to do this in our latest blog post.
- #REVERSING2020! Recorded Sessions are live! If you missed the conference, please register to experience ondemand: hubs.ly/H0snh950 #YARARules #YARA #ThreatHunter #ThreatResearcher #ReverseEngineer w/ @VK_Intel @ChristiaanBeek @WyattRoersma @c_APT_ure @ap0x
00:00 - ⚠️🧵 RL researchers have found 2 malicious #VSCode extensions, "ahban.shiba" & "ahban.cychelloworld," that deliver #ransomware in development to it's users.
- New to #YARA? Want to learn how to use #YARARules for #ThreatHunting or #malware detection? Level up your YARA game with our blog: hubs.ly/H0MScqk0 #LearningWithReversingLabs #ThreatIntelligence #InfoSec #CyberSecurity
- A special announcement by ReversingLabs Chief Software Architect Tomislav Pericin @ap0x at #REVERSING2020! Learn more:
- We've just reached 150 #ransomware detection #YARARules in our public #GitHub repository! Our handwritten rules offer high detection accuracy without any false positives. Get them here: hubs.ly/H0Gqd6z0
- Did you know that #YARA can detect digital certificate misuse? We've just updated our #YARARules to detect 140 additional certificates used by #ransomware, #backdoors and other #malware types. Get them here: hubs.ly/H0F9Mwg0
- Due to recent spikes in #malicious #Excel 4.0 macro use, security research has become focused on detecting such threats. Learn what #ReversingLabsResearch discovered: hubs.ly/H0Pxtd80 #ThreatIntelligence #CyberSecurity #InfoSec #XLM #Excel4
- New #ReversingLabsResearch finds over 90 new file samples associated with the ongoing #HiddenCobra campaign! #IOC list available in our blog: hubs.ly/H0rPzxD0 #TitaniumPlatform #Malware #Lazarus
- New #ReversingLabsResearch is out! One attacker technique that caught our eye is hiding #malware inside image formats like PNG, BMP, GIF, or JPEG. Learn how to protect your organization: hubs.ly/H0HvbJ_0 #InfoSec #CyberSecurity #ThreatIntelligence
- We've just updated our #OpenSource #YARARules to detect 233 misused certificates! Abused by #Malware, stolen, or leaked -- regardless of the reason why certificates get misused, they get detected. Check them here: hubs.ly/H0tjRqR0
