ProferoSec

Multi-factor Authentication In-The-Wild bypass methods

Introduction

Static unpacker and decoder for Hello Kitty Packer

OSS Getting Hammered for BigCorp Failures

Everyone heard of log4j by now

log4jScanner

Log4Shell & massive Kinsing deployment

On December 9th, 2021 news broke about a newly discovered vulnerability affecting the java logging library, Log4j.

Since this news broke out, threat actors around the world have rushed to take advantage of this easy-to-exploit…

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents

Introduction

As an incident response team, we see a lot of cloud breaches that could have been prevented. Adequate protection requires in-depth knowledge of the cloud provider and…

RansomEXX, Fixing Corrupted Ransom

Since the sudden disappearance of the REvil ransomware operation, there has been a rise in other…

Secrets Behind Ever101 Ransomware

A victim called the incident response teams of Global Threat Center, reporting a seemingly new stream of ransomware attack. Upon investigation, we determined the extension of the encrypted files was certainly new, but the malware displayed significant similarities with…

Cuba Ransomware Group on a Roll

At the end of 2020, our team made up of SecurityJoes and Profero incident responders, led an investigation into a complex attack in which hundreds of machines were encrypted, knocking the victim company offline completely. The threat actors behind the attack deployed the…