ProferoSec

Online Programming Learning Sites Can Be Manipulated By Hackers To Launch Cyberattacks

Multi-factor Authentication In-The-Wild bypass methods

Introduction

Static unpacker and decoder for Hello Kitty Packer

OSS Getting Hammered for BigCorp Failures

Everyone heard of log4j by now

log4jScanner

Log4Shell & massive Kinsing deployment

On December 9th, 2021 news broke about a newly discovered vulnerability affecting the java logging library, Log4j.

Since this news broke out, threat actors around the world have rushed to take advantage of this easy-to-exploit…

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents

Introduction

As an incident response team, we see a lot of cloud breaches that could have been prevented. Adequate protection requires in-depth knowledge of the cloud provider and…

RansomEXX, Fixing Corrupted Ransom

Since the sudden disappearance of the REvil ransomware operation, there has been a rise in other…

Secrets Behind Ever101 Ransomware

A victim called the incident response teams of Global Threat Center, reporting a seemingly new stream of ransomware attack. Upon investigation, we determined the extension of the encrypted files was certainly new, but the malware displayed significant similarities with…