PEMB

Security Researcher, Threat Intel Analyst, Malware Analyst.

Post Patch Threat Hunting

Earlier today MITRE went public stating that a state-backed hacking group breached its systems using two Ivanti VPN zero-days back in January 2024.

Static Malware Analysis: to string or to floss that is the question

Every analyst has one or two methodologies for analyzing malware, and perhaps even different approaches based on the malware type being analyzed. Regardless of how many ways you can analyze malware, we all do static analysis and look into strings at some point.

Powershell Dropper

I found an interesting PowerShell script uploaded today on Malware Bazaar, at 2023-05-31 02:06 (UTC), that turns out to be a dropper...
