Analysis of a trojanized jQuery script: GootLoader unleashed
In this blog post, we will perform a deep analysis of GootLoader, malware which is known to deliver several types of payloads, such as the Kronos trojan, REvil, IcedID, GootKit payloads and, in this case, Cobalt Strike. In our analysis we’ll be using the initial malware sample itself together with some malware artifacts from the system …
Author: Sasja Reynaert
New year, new vulnerabilities: Spectre & Meltdown
Two new vulnerabilities “Spectre” and “Meltdown” were recently discovered, affecting millions of systems worldwide. Please find our security advisory below. Summary Spectre and Meltdown are hardware vulnerabilities in …
To Petya or not to Petya
On June 27, 2017, we were informed via several channels that attackers launched a new type of ransomware. This cyber-attack affects companies across Europe and the US. The attack has some similarities with a previous attack known as “Wannacry”, but it has some distinct features. The advisory below has been sent out to all our …
A practical guide to RFID badge copying
During red teaming assignments we are sporadically asked to attempt to gain access to certain physical “flags”. These flags could be the inside of a server room, or the workstation of a member of the management team. Aside from these red teaming assignments, in most organisations, access badges are often the single factor of security …