-
Windows 11’s TPM 2.0: Free Software Foundation Fights Forced Upgrades and E-Waste
The Free Software Foundation (FSF) is fresh off a successful International Day Against DRM (IDAD), held on December 20th, 2024. This year’s focus was on Microsoft’s controversial requirement of a hard … Published Date: Jan 07, 2025
-
Vulnerability Overload: 40,000+ CVEs in 2024
Security researcher Jerry Gamblin has released his annual CVE data review. 2024 saw an unprecedented surge in published Common Vulnerabilities and Exposures (CVEs), reaching a record high of 40,009. … Published Date: Jan 07, 2025. Vulnerabilities mentioned in this article: CVE-2024-20433…
-
Rhadamanthys Stealer Analysis for Detection Opportunities
Written by ARC Labs contributor Shannon Mong.

Threat Overview: Binary Defense ARC Labs’ threat researchers recently dissected a Rhadamanthys Stealer infection chain to uncover detection opportunities that defenders can leverage to strengthen organizational security. In this analysis, we provide general detection guidance and actionable queries for detecting Rhadamanthys Stealer.

Recent Campaign Insights: Rhadamanthys Stealer surfaced on underground…
-
Cleo MFT Mass Exploitation Payload Analysis
Written by ARC Labs contributors John Dwyer and Eric Gonzalez. ARC Labs recently captured and analyzed the second- and third-stage payloads used during a Cleo MFT compromise. The compromise was the result of exploitation of CVE-2024-50623, which allows unauthenticated remote code execution. Additional reports suggest that exploitation of the vulnerability continues to be possible even after…
-
Shining a Light in the Dark – How Binary Defense Uncovered an APT Lurking in Shadows of IT
Written by ARC Labs contributors John Dwyer and Eric Gonzalez at Binary Defense and Tyler Hudak at TrustedSec. In cybersecurity, the threats we don’t see, or don’t expect, often pose the greatest danger. Recently, this became all too clear when three unmanaged AIX servers, sitting exposed on the internet, opened the door for a China-nexus threat actor to launch an…
-
Understanding Sleep Obfuscation
How Malware Uses Sleep Cycles to Avoid Detection. Originally published on Binary Defense.
-
Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks
This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research Analyst Kevin Haubris and Eric Gonzalez of Binary Defense. ARC Labs recently recovered a tool leveraged in Qilin ransomware attacks aimed at impairing defenses by disabling popular endpoint detection and response…