CIBERSEGURANÇA - ISH Tecnologia

In malware research, there are basically two types of analysis: static and dynamic. Simply put, static analysis comprises all the ways of studying software without running it, while its dynamic counterpart is based on observing the program during...

March 4th, 2022December 10th, 2024

Jaqueline SantosBlog, Insights, On-the-go

A show of support for the Russian government led to the exposure of classified information from the Conti group

Following the Conti group's announcement of support for the Russian government, an anonymous person identified on Twitter only as ContiLeaks has declared his support for Ukraine in the ongoing war. On February 27, he began leaking internal information from...

February 10th, 2022December 10th, 2024

Jaqueline SantosBlog, Trends

The TOP 10 Windows versions with the most patches and how to update them

By Átila Altoé and Laura Cardillo It's now a Microsoft tradition to release updates for different editions of the operating system every Tuesday. That's why it's known as Patch Tuesday. And this week, we found out which 10 versions of Windows...

January 20th, 2022December 10th, 2024

Jaqueline SantosBlog, Insider

From phishing to malware, we analyze all the stages of a fileless attack

By Alexandre Siviero The phishing alert that distributed a malicious Power Point was made by researchers Ankit Anubhav and Germán Fernández, who contacted the ISH team. These researchers attributed the threat to NjRAT, specifically...

January 6th, 2022December 10th, 2024

Jaqueline SantosBlog, Insider

The turn of the year was marked by e-mail problems on Exchange servers

By Alexandre Siviero, Atila Altoé and Laura Cardillo As soon as 2022 began, a problem in the component that scans attachments in emails on Exchange servers interrupted the messaging queues. One interesting point was the similarity of the programming flaw...

December 30th, 2021December 10th, 2024

Jaqueline SantosBlog, Insider, Insights

Banking malware is common at this time of year and some good practices can prevent it

This time of year is the season for attacks and fraud involving Brazilian bank accounts. But there are good practices that can protect anyone from social engineering techniques and financial malware. In this post, you'll find guidelines on how not to...

December 13th, 2021December 10th, 2024

Jaqueline SantosBlog, Insider, Insights

There are still no patches for this Zero Day vulnerability in Windows; here's what to do

By Heimdall ISH A new Zero Day vulnerability (still unpatched) was presented to the security world on November 22nd. Mistakenly classified in the news as a bypass of CVE-2021-41379, this is actually a new variant discovered...

We have detected a campaign that distributes malware via Excel spreadsheets

November 17th, 2021December 10th, 2024

Jaqueline SantosBlog, Insider, Trends

We have detected a campaign that distributes malware via Excel spreadsheets; the focus of the fraud is companies

We have detected a campaign that distributes malware via Excel spreadsheets

October 27th, 2021December 10th, 2024

Jaqueline SantosInsider, Blog

Group involved in SolarWinds case makes new attacks on supply chain

Nobelium, the group involved in the SolarWinds case, is replicating tactics from previous supply chain attacks with new approaches. Such attacks have been taking place in the United States and Europe since May 2021....

group that attacked the Colonial Pipeline

May 24, 2021December 10th, 2024

Jaqueline SantosBlog, Insider, On-the-go, Trends

We explain how the group that attacked Colonial Pipeline operates; 13% of the victims were Brazilian companies

In recent days, the whole world has heard about the group that attacked Colonial Pipeline, called the DarkSide Ransomware Group. The attacks on large companies amounted to around U$90 million in Bitcoin. There have been at least 47 companies in the last 9...

1 … 10 11 12 13 14 … 17

How to deal with AES encryption in malware analysis