Security Boulevard

Centurion: Bring Your Own Execution Environment

Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one ...
GitHub

AV bypass using the shellcode loader 'Shellcodeloader'

It is a shellcode loader that uses encryption to get around AV solutions such as Windows Defender. > The tool is composed of a generator (Shellcodeloader.exe) and numerous loader templates. There are ...
Bitdefender

FamousSparrow APT Targets Azerbaijani Oil and Gas Industry

I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...
GitHub

AV bypass using the shellcode loader 'Harriet'

Source: => https://github.com/assume-breach/Home-Grown-Red-Team/tree/main/Harriet Harriet is shellcode loader that uses AES encryption and function/variable ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...
CSOonline

Why some security fixes never reach your vulnerability dashboard

CVE was built to track code flaws with fixes. It’s now being stretched to cover malware and supply chain incidents that don’t fit. Agent infrastructure and AI assets are where that drift becomes ...