Threat Analyze

All the analyses related to different threats

Safe IDE Extensions: Key Triggers and Chunks to Watch for in Plugin Code

- Posted in Threat Analyze by
Background: Only looking into well-known attack patterns found in Chrome and other browser extensions is not enough. Since we work daily with IDEs, there is another potential attacker [...] Read more

Unlocking Security: SBOM Benefits for Container Investigations

- Posted in Threat Analyze by
Background: During the incident response analysis stage, it is mandatory to answer the question of how the attacker appeared inside the environment. This becomes especially challenging when dealing [...] Read more

Linux Suspicious ELF File Static Analysis Techniques and Approaches

- Posted in Threat Analyze by
Background: Sometimes during daily cases we see suspicious detections on Linux machines which have hashes that do not exist on popular platforms and we do not have licenses for sandboxes. To resolve [...] Read more

Researching CVE-2025-14847 (Mongo memory leak): Defensive Strategies and Detection Techniques

- Posted in Threat Analyze by
Background: A few days ago, there was a notification about a memory leak issue (CVE) affecting MongoDB. Shortly after, a proof-of-concept (PoC) was released on one of the version control platforms. As [...] Read more

AI-Powered Polymorphic Phishing Pages: Detection Methods and Defensive Strategies

- Posted in Threat Analyze by
Background: As AI technologies rapidly advance, it is essential for us as cybersecurity specialists to understand how we can defend against emerging threats. One scenario that comes to mind is the [...] Read more

Investigating Malicious Activity in WSL Environments

- Posted in Threat Analyze by
Background: Some XDR and EDR solutions are not effective when dealing with threats hidden inside WSL. In certain cases, it can also be challenging for digital forensic specialists to detect threats [...] Read more

State-Linked Hacker Toolset Analysis & Defense Blueprint

- Posted in Threat Analyze by
Background: Recently, some unknown specialists uploaded several dumps from servers that, according to their claims, are related to Kimsuky (state-sponsored) systems. As cybersecurity defenders, we [...] Read more

Knock, knock: Why the recent announcement about mobile spyware leak was fake

- Posted in Threat Analyze by
Background: Recently, a Telegram account announced the publication of source code related to a mobile spyware. Before drawing any final conclusions, it is important to understand that this [...] Read more

Not the First, Not the Last: Understanding the 16 Billion Infostealer Leak

- Posted in Threat Analyze by
Background: Recently, the media reported on a leak of 16 billion cleartext passwords that were found on an underground platform. As a result, the team behind the discovery noticed that the names of [...] Read more

The Invisible Threat: How to Detect Physical Keystroke Injection Implants

- Posted in Threat Analyze by
Background: In today's cybersecurity landscape, there are many attack types. One of them is hardware-based, which can be leveraged by threat actors to connect special keystroke injection devices into [...] Read more