

New Phishing Attack mimics Google AppSheet to deliver malware - Abusing WinWord.EXE local DLL Side-Loading
Praj Shete. Summary: A new, sophisticated phishing campaign is impersonating Google AppSheet to push a multi-stage, file-based malware...
Sep 15 · 6 min read


Detecting Process Injection using a debugger (x64dbg)
Praj Shete. What is Process Injection? Process Injection is a technique used by attackers to run malicious code within the address space...
Aug 29 · 5 min read


Spoofed “icegate.gov.in” emails delivering JAR-based RAT/Stealer
Praj Shete. Executive Summary: Email remains one of the most exploited attack vectors for cybercriminals, who often leverage domain...
Aug 25 · 3 min read
Colonial Pipeline Cyber Attack
The Colonial Pipeline cyber attack was a ransomware attack that occurred in May 2021. The attack was aimed at Colonial Pipeline, which...
Feb 3, 2023 · 4 min read
Windows Zero-day MOTW bypass
What is MOTW? Mark-of-the-Web is a security feature in Windows that flags files which are downloaded from the internet as the file is...
Nov 3, 2022 · 2 min read
APT 41
Introduction: APT41 is a prolific Chinese state-sponsored cyberespionage group known to target organizations in both the public and...
Aug 4, 2022 · 2 min read
Poisoning .lnk Shortcuts
What is an LNK file? An LNK file, or Windows shortcut file, has been used in the Windows operating system for a very long time. An LNK file...
Aug 4, 2022 · 3 min read