Channel: Technical posts Archives - Stormshield

How to run userland code from the kernel on Windows – Version 2.0

Introduction Two years ago, Thierry F. wrote an article on this blog about a technique that could allow a driver to inject a DLL into a process...




Octopus-Rex. Evolution of a multi task Botnet

Introduction During the last decade, different types of malware have been targeting Linux servers: Elknot, Encoder, Mirai, LuaBot, NyaDrop, Gayfgt, etc. Most of them are used for DDoS purposes, but there...


Analyzing a form-grabber malware

Introduction As a new member of the Stormshield Security Intelligence team, my initiation ritual was to analyze a form-grabber malware used to steal passwords through a web-browser injection method. In...


Attacking a co-hosted VM: A hacker, a hammer and two memory modules

Row-hammer is a hardware bug that can cause bit flips in physical RAM. Mark Seaborn and Thomas Dullien were the first to exploit the DRAM row-hammer bug to gain kernel privileges. Kaveh Razavi et al....


Analyzing an Agent Tesla campaign: from a word document to the attacker...

Introduction Information stealer malware is used on a daily basis by cyber-criminals. It is often designed to extract saved passwords stored within browsers, instant messaging applications, FTP...



Spot the Agent

Password stealers are well-known malware used on a daily basis by cyber-criminals. Most of the time these stealers are delivered as a ready-to-use package (builder + panel) with a readme and/or video...


De-obfuscating Jump Chains with Binary Ninja

Malware authors use extensive obfuscation techniques such as packing, junk code insertion and opaque predicates to hinder malware analysis. Binary Ninja has recently released a plugin to remove opaque...


In-depth Formbook malware analysis – Obfuscation and process injection

Introduction Formbook is a form-grabber and stealer malware written in C and x86 assembly language. It’s a ready-to-sell malware that can be used by cyber-criminals who don’t have any skill in malware...



A walk through the AcridRain Stealer

This blog post covers the analysis of a new password stealer named AcridRain and its different updates during the last 2 months. Introduction AcridRain is a new password stealer written in...



OrBit: advanced analysis of a Linux dedicated malware



