Love-GPT is a tool that provides vast functionality over several different dating platforms, providing the capability to create fake accounts, interact with victims, anonymize the access, and more. It also uses ChatGPT, to achieve its goals.
Let's have a look at the threats brought by introduction of .zip TLD
Since October 2022, we’ve been observing multiple malware types delivered via a new dropper strain that we are referring to as “NeedleDropper”. Its name references one of the ways the dropper stores data. NeedleDropper is not just a single executable, it carries several files which together create...
ViperSoftX is a multi-stage stealer that exhibits interesting hiding capabilities. Other than stealing cryptocurrencies, it also spreads the VenomSoftX browser extension, which performs man-in-the-browser attacks.
VB6's IDispatch implementation reveals full function prototypes for internal forms and classes. Let's learn how to recover and extract them.
A new campaign targeting businesses in Europe and South America is making its rounds, spreading the information stealer, AgentTesla, via spoofed phishing emails.
Introduction The Go programming language is becoming more and more popular. One of the reasons being that Go programs can be compiled for multiple operating systems and architectures in a single binary self containing all needed dependencies. Based on these properties, and as we expected, we...
Introduction Rootkits are dangerous pieces of malware. Once in place, they are usually really hard to detect. Their code is typically more challenging to write than other malware, so developers resort to code reuse from open source projects. As rootkits are very interesting to analyze, we are...
The TaRRaK ransomware appeared in June of 2021. This ransomware contains many coding errors, so we decided to publish a small blog about them. Samples of this ransomware were spotted in our user base, so we also created a decryptor for this ransomware. Skip to instructions on how to use the TaRRaK...
Our threat hunters have been busy searching for abuse of the recently-released zero-day remote code execution bug in Microsoft Office (CVE-2022-30190). As part of their investigations, they found evidence of a threat actor hosting malicious payloads on what appears to be an Australian VOIP...