During routine threat hunting on my Beelzebub honeypot, I captured something unusual: a Rust-based DDoS bot with zero detections across all…

Learn how to reverse engineer ESP32 firmware faster using Ghidra FIDB and ESP-IDF to automate function identification

View cubebox os Series' Articles on DEV Community

Deep dive into MacSync Stealer (UserSyncWorker variant), a MaaS infostealer featuring Gatekeeper bypass via notarized Swift dropper, code signature validation, and multi-layer payload obfuscation

A comprehensive guide to understanding and defending against Cobalt Strike, one of the most commonly observed tools used by threat actors. This deep dive covers the TTPs and detection strategies.

CloudSEK's TRIAD reveals a critical campaign by the Chinese "Silver Fox" APT targeting Indian entities with authentic-looking Income Tax phishing lures. While previously misattributed to SideWinder, this sophisticated attack leverages a complex kill chain…

Over the past decade, the English-speaking cybercriminal ecosystem commonly referred to as “The COM” has undergone a profound transformation. What began as a niche subculture centered on the trading of what is called “OG Usernames (original gangster)”

Bitdefender researchers investigate a complex infection chain embedded in a fake movie torrent for One Battle After Another.

UART, this is the main topic for today. UART protocol stands for Universal Asynchronous Receiver/Transmitter (UART). This is the protocol…

Be better than yesterday -

Revisiting an old video published approximately 8 months ago and it was being picked up by Windows Defender. This video demonstrates a quick and straight-forward XOR encryption/decryption routine to supplement the shellcode loader…