Analyzing a malicious USB by extracting its files, finding autorun artifacts and embedded PDF payloads.

A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code on a victim's machine.

Abusing the Clipup.exe program by using the CreateProcessAsPPL.exe tool to destroy the executable file of the EDRs, Antivirus.

This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.

As threat actors are adopting Rust for malware development, RIFT, an open-source tool, helps reverse engineers analyze Rust malware, solving challenges in the security industry.

GUI for apktool, signapk, zipalign and baksmali utilities. - AndnixSH/APKToolGUI

APT28 Operation Phantom Net Voxel: weaponized Office lures, COM-hijack DLL, PNG stego to Covenant Grunt via Koofr, BeardShell on icedrive.

This research shows how we can trick disassemblers and debuggers into identifying the wrong import names by messing up metadata used in the lazy binding process

WhatsApp 0-click remote code execution (RCE) vulnerability affecting Apple's iOS, macOS, and iPadOS platforms, detailed with a proof of concept demonstration.

Dark Vortex provides various cybersecurity trainings, products and other services.

1.组织概述