5 Most Common Malware Techniques in 2024

November 7, 2024 at 05:04AM

Tactics, techniques, and procedures (TTPs) are essential for cybersecurity, identifying threats more reliably than indicators of compromise. This report details techniques like disabling Windows Event Logging, PowerShell exploitation, and registry manipulation, showcasing real-world examples through ANY.RUN’s sandbox to analyze malware behavior and enhance threat detection capabilities.

How to Conduct Advanced Static Analysis in a Malware Sandbox

April 18, 2024 at 07:36AM

Sandboxes are valuable for both dynamic and static malware analysis. For instance, they facilitate the detection of threats in PDFs by extracting their structure and scrutinizing URLs. They also expose LNK abuse and aid in investigating spam and phishing emails, analyzing suspicious Office documents, and looking inside malicious archives. ANY.RUN is …

How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography

November 21, 2023 at 06:24AM

QR code-based phishing techniques, known as “quishing,” are becoming popular among cybercriminals. By embedding malicious links in QR codes, attackers can bypass spam filters and evade detection. CAPTCHAs are also being exploited in phishing attacks to mask credential-harvesting forms on fake websites. Additionally, steganography is being used to hide malicious …