Outer Web | Explore

Explore >> Select a destination

You are here		blog.talosintelligence.com Threat Spotlight: WarmCookie/BadSpace
\|	\|	intezer.com Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat	2.9 parsecs away Travel
\|	\|	Symbiote is a new Linux® malware we discovered that acts in a parasitic nature, infecting other running processes to inflict damage on machines.	2.9 parsecs away Travel
\|	\|	forensicitguy.github.io Timelining a Malicious VHD for More Intelligence \| Tony Lambert	9.9 parsecs away Travel
\|	\|	In a previous blog post I mentioned how adversaries using VHD files to distribute malware can leave around a lot more data than they intend, including identifiable data for tracking. In this post I want to break out the best friend everyone made during SANS FOR508, Plaso, so I can process the filesystem data for a malicious VHD and illustrate how we can establish a timeline of operations for the adversary. Just like last time, the sample I'm working with is here in MalwareBazaar: https://bazaar.abuse.ch/sample/72ba4bd27c5d95912ac5e572849f0aaf56c5873e03f5596cb82e56ac879e3614/.	9.9 parsecs away Travel
\|	\|	www.welivesecurity.com Bandidos at large: A spying campaign in Latin America	2.6 parsecs away Travel
\|	\|	ESET researchers uncover an active malicious campaign in Latin America that uses new versions of old malware, Bandook, to spy on its victims.	2.6 parsecs away Travel
\|	\|	www.talosintelligence.com Reputation Center - A Real Time Threat Detection Service \|\| Cisco Talos Intelligence Group - Comprehensive Threat Intelligence	14.8 parsecs away Travel
\|		The Talos Reputation Center detects and correlates threats in real time using the largest threat detection network in the world spanning web requests, emails, malware samples, open-source data sets, endpoint intelligence, and network intrusions.	14.8 parsecs away Travel