Outer Web | Explore

Explore >> Select a destination

You are here		blog.talosintelligence.com Threat Spotlight: WarmCookie/BadSpace
\|	\|	intezer.com Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat	2.9 parsecs away Travel
\|	\|	Symbiote is a new Linux® malware we discovered that acts in a parasitic nature, infecting other running processes to inflict damage on machines.	2.9 parsecs away Travel
\|	\|	thehackernews.com Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities	3.2 parsecs away Travel
\|	\|	AI-created VS Code malware and fake npm packages reveal how attackers exploit open-source trust.	3.2 parsecs away Travel
\|	\|	forensicitguy.github.io Timelining a Malicious VHD for More Intelligence \| Tony Lambert	9.9 parsecs away Travel
\|	\|	In a previous blog post I mentioned how adversaries using VHD files to distribute malware can leave around a lot more data than they intend, including identifiable data for tracking. In this post I want to break out the best friend everyone made during SANS FOR508, Plaso, so I can process the filesystem data for a malicious VHD and illustrate how we can establish a timeline of operations for the adversary. Just like last time, the sample I'm working with is here in MalwareBazaar: https://bazaar.abuse.ch/sample/72ba4bd27c5d95912ac5e572849f0aaf56c5873e03f5596cb82e56ac879e3614/.	9.9 parsecs away Travel
\|	\|	shopifyninja.ca What Is Sandboxing? How Does Cloud Sandbox Software Work?	16.1 parsecs away Travel
\|		In the world of cybersecurity, a sandbox refers to an isolated environment on a network that behaves in end-user operating environments.	16.1 parsecs away Travel