May 2025

Defending Against ClickFix and FakeCaptcha: Detection Techniques for Modern Malware Campaigns

29 May 2025 - Posted in Hardenings by Jok3r

Background: ClickFix or FakeCaptcha attacks have become a common component of many attack campaigns. These techniques enable threat actors, with the user's unwitting assistance, to execute arbitrary [...] Read more

Hardcoded Hazards: Detecting Secret Leaks in Source Code

22 May 2025 - Posted in Other by Jok3r

Background: Organizations often invest significant resources in research and development (R&D), which can carry substantial risks—especially when sensitive information is inadvertently exposed [...] Read more

Inside the Attack: How Smishing Campaigns Are Evolving with Covert Data Theft Methods

16 May 2025 - Posted in Threat Analyze by Jok3r

Background: Recently, there has been a noticeable increase in attacks carried out by fraudsters. These attackers use various delivery methods, ranging from social media platforms to SMS messages and [...] Read more

Decrypting Hope: Strategies for Recovery from Ransomware Encryption

11 May 2025 - Posted in Incident Response by Jok3r

Background: Sometimes, during incidents involving ransomware-related threat actors, the investigation into the recovery process can reveal solutions closer than you might think. It’s important to [...] Read more

A Holistic Approach to Organizational Incident Response Design: Integrating People, Process, and Technology

02 May 2025 - Posted in Incident Response by Jok3r

Background: When an incident occurs in your environment, you should be prepared to respond effectively from the perspectives of people, processes, and technologies. Proper preparation ensures a [...] Read more