Browsing tag
A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE. “MSIX is a Windows app package format that developers can leverage to package, distribute, and install their applications […]
stoQ is a automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps teams the ability to quickly transition from different data sources, databases, decoders/encoders, and numerous other tasks. stoQ was designed to be enterprise ready and scalable, while also being lean […]
Microsoft launches Malware Detection Competition with AI to test whether the participants AI malware detection models can accurately predict malware from the infected device. Since Malware evolution is continuously targeting organization and individuals with sophisticated techniques, Microsoft is challenging the AI community to develop techniques to predict if a machine vulnerable to hit with malware. In this […]
A tool for security researchers, who waste their time analyzing malicious Office macros. Generates a VBA call graph, with potential malicious keywords highlighted. Allows for quick analysis of malicous macros, and easy understanding of the execution flow. @MalwareCantFly Features Keyword highlighting VBA Properties support External function declarion support Tricky macros with “_Change” execution triggers Fancy […]