July 2025

Using LLMs as a reverse engineering sidekick

This research explores how large language models (LLMs) can complement, rather than replace, the efforts of malware analysts in the complex...

Sp123 31 Jul, 2025

Webinar – SocGholish: From Fake Updates to Real Breaches

SocGholish, known as the pioneer of fake browser update attacks, remains one of the most effective initial access tools in the wild. Join u...

Sp123 31 Jul, 2025

Unmasking LockBit: A Deep Dive into DLL Sideloading and Masquerading Tactics

Stealthy TTPs help ransomware attackers remain under the radar. Introduction to Malware Binary Triage (IMBT) Course Looking to level up y...

Sp123 31 Jul, 2025

CISA and FBI Release Tactics, Techniques, and Procedures of the Scattered Spider Hacker Group

The joint Cybersecurity Advisory AA23-320A, collaboratively issued by agencies such as the FBI, CISA, RCMP, ASD’s ACSC, AFP, CCCS, and NCSC-...

Sp123 30 Jul, 2025

How to Decrypt Files Encrypted by Ransomware

The rise in ransomware within all industries is a call for real concern about what you need to do to prepare your organization for when you ...

Sp123 30 Jul, 2025

Cobalt Strike Beacon delivered via GitHub and social media

Introduction...

Sp123 30 Jul, 2025

ClickFix distribution site impersonating the MacBook Homebrew package manager to spread Atomic Stealer - brewsh(.)cx (2025.7.28)

Today I will write about Atomic Stealer impersonating the MacBook Homebrew package manager. Homebrew is a package manager for macOS (and Linux) that makes installing and managing software on a Mac much...

Sp123 29 Jul, 2025

Triage is Key! Python to the Rescue!, (Tue, Jul 29th)

When you need to quickly analyze a lot of data, there is one critical step to perform: Triage. In forensic investigations, this step is crit...

Sp123 29 Jul, 2025

Attacking GenAI applications and LLMs – Sometimes all it takes is to ask nicely!

Generative AI and LLM technologies have shown […]...

Sp123 29 Jul, 2025

Threat Actors Use Phishing to Target Belgian Grand Prix Fans and Teams

Cybersecurity experts have pointed to an increase in sophisticated threat actor activity following the July 27 2025 Belgian Grand Prix at Sp...

Sp123 29 Jul, 2025

Protecting the Evidence in Real-Time with KQL Queries

A few weeks ago, I published a post titled Detecting Ransomware Final Stage Activities with KQL Queries where I shared different phases an...

Sp123 28 Jul, 2025

Sygnia Named in the 2025 Gartner® Market Guide for Digital Forensics and Incident Response Retainer Services

Top organizations worldwide trust Sygnia to respond fast, contain threats, and restore business operations in the moments that matter most. ...

Sp123 28 Jul, 2025

A week in security (July 21 – July 27)

A list of topics we covered in the week of July 21 to July 27 of 2025...

Sp123 28 Jul, 2025

ISC Stormcast For Monday, July 28th, 2025 https://ift.tt/s5qRoUF, (Mon, Jul 28th)

Sp123 28 Jul, 2025

Linux Medusa Rootkit Detection and De-Cloaking

There is a new rootkit called Medusa on Linux and we wanted to give some tips on how to deal with this style of attack. Medusa is what we ca...

Sp123 27 Jul, 2025

ClickFix attack site via a Trading View phishing site

Today we will look at ClickFix, which lures users to a Trading View phishing site, redirects them to a fake CAPTCHA site, and distributes malware. Through an attack called ClickFix, users infect themselves with malware...

Sp123 27 Jul, 2025