Happy IR in the New Year!

In IR cases we use a very simple script, uploaded to every Windows computer in the corporate network, to collect logs, NTFS data, entries from the Windows registry and strings from binary files, so that we can find out exactly how the attackers were moving through the network. It’s the holiday season, and it is our pleasure to share this script with you.




