ProferoSec

Static unpacker and decoder for Hello Kitty Packer

OSS Getting Hammered for BigCorp Failures

Everyone heard of log4j by now

log4jScanner

Log4Shell & massive Kinsing deployment

On December 9th, 2021 news broke about a newly discovered vulnerability affecting the java logging library, Log4j.

Since this news broke out, threat actors around the world have rushed to take advantage of this easy-to-exploit…

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents

Introduction

As an incident response team, we see a lot of cloud breaches that could have been prevented. Adequate protection requires in-depth knowledge of the cloud provider and…

RansomEXX, Fixing Corrupted Ransom

Since the sudden disappearance of the REvil ransomware operation, there has been a rise in other…

Secrets Behind Ever101 Ransomware

A victim called the incident response teams of Global Threat Center, reporting a seemingly new stream of ransomware attack. Upon investigation, we determined the extension of the encrypted files was certainly new, but the malware displayed significant similarities with…

Cuba Ransomware Group on a Roll

At the end of 2020, our team made up of SecurityJoes and Profero incident responders, led an investigation into a complex attack in which hundreds of machines were encrypted, knocking the victim company offline completely. The threat actors behind the attack deployed the…

APT27 Turns to Ransomware

At the peak of the COVID-19 pandemic and economic crisis, our Global Incident Response and Cyber Crisis Management teams were engaged on several fronts around the world, fighting cybercrime, and even nation-state actors.