New IDA Pro plugin provides TileGX support

GhIDA: Ghidra decompiler for IDA Pro

RAT Ratatouille: Backdooring PCs with leaked RATs

Executive summary Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code asso

RATs and stealers rush through “Heaven’s Gate” with new loader

By Holger Unterbrink and Edmund Brumaghin. Executive summary Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release and detection. F

Dynamic Data Resolver (DDR) - IDA Plugin

Vulnerability Deep Dive - TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability

Vulnerability Spotlight: TALOS-2018-0635/0636 - Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities

Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox

This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau. Executive Summary Cisco Talos has discovered a new malware campaign that drops the sophisticated information-stealing trojan called "Agent Tesla," and othe

Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader

TALOS-2018-0626 / CVE-2018-3956 is an exploitable out-of-bounds read vulnerability which can disclose sensitive memory content and could be used, in conjunction with other vulnerabilities, to aid in full compromise. A specially crafted PDF file could trigger this vulnerability.