The Official Blog from Kaspersky covers information to help protect you against viruses, spyware, hackers, spam & other forms of malware.
Every day Kaspersky automatically processes around 400,000 new malicious files. Only one percent of these need manual work from a security expert, and only a tiny fraction of that 1% go to the company’s top-notch Global Research and Analysis Team (GReAT). Those chosen few samples belong to the rarest, most menacing new APTs (advanced persistent threats). Kaspersky Lab’s Targeted Cyberattack Logbook chronicles all of these ground-breaking malicious cybercampaigns that have been investigated by!
Real Intrusions by Real Attackers, The Truth Behind the Intrusion.
We discuss hot topics, malware behavior, techniques, practices for analyzing malicious files, and of course, we will talk more about our online interactive sandbox.
These are notes about all things focusing on, but not limited to, red teaming and offensive security.
Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and web addresses for threats, malware, viruses
Documenting reverse engineering of malware.
Frontline Mandiant investigations, expert analysis, tools and guidance, and in-depth security research.
The EMBER dataset is a collection of features from PE files that serve as a benchmark dataset for researchers. The EMBER2017 dataset contained features from 1.1 million PE files scanned in or before 2017 and the EMBER2018 dataset contains features from 1 million PE files scanned in or before 2018. This repository makes it easy to reproducibly train the benchmark models, extend the provided feature set, or classify new PE files with the benchmark models.
TIPS & GUIDANCE Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver.
29 year old cybersecurity specialist, speaker, and ex-hacker. Best known for stopping the global WannaCry ransomware attack. Background in programming & threat intelligence.
The RRA (Recent Ransomware Attacks) site acts as a watchtower, providing near real-time ransomware tracking of attacks, groups and their victims. Given threat actors' overarching. lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
Malcore is designed to automate malware analysis and was designed by Internet 2.0’s top malware analysts Thomas Perkins. Malcore’s sandbox powered by AI is designed with speed and scalability. Malcore automates malware analysis, checks files and links.
Attackers are using popular legitimate domains when conducting phishing, C&C, exfiltration and downloading tools to evade detection. The list of websites below allow attackers to use their domain or subdomain.
Stop Malvertising investigates current Malware Trends and the distribution of malware exploits through online advertising networks.
Ransomware.live monitors the extortion sites used by ransomware groups. The information posted on this website is dynamically updated in near real-time.
GitHub public repositories matching the '#malware' topic.
A comprehensive module-based malware development course that provides fundamental to advanced level training|
Collection of various malicious functionality to aid in malware development.
A global community of people helping each other with their Security, Technology and Technical Support questions.
Explore Triage's Malware Analysis Sandbox to dissect your malware samples. Access malware trends, and a customizable environment for in-depth analysis and classification.
We are the leading creator of original DNS threat intelligence. We’re proactive, not just defensive, using our insights to track threat actor infrastructure and disrupt cybercrime where threat actors begin. We also believe in sharing knowledge to support the broader security community by publishing detailed research on select actors and associated indicators.
We keep you posted on the latest cyber threats. Learn more about what is new in the world of IT security. Knowledge is the best protection.
AMSI.fail generates obfuscated PowerShell snippets that break or disable AMSI for the current process. The snippets are randomly selected from a small pool of techniques/variations before being obfuscated. Every snippet is obfuscated at runtime/request so that no generated output share the same signatures.
A community driven public malware repository that works to provide free access to malware samples and tooling to the infomation security community.
World First Visual AI Based Malware Detection. The first solution that converts files into graphical representations and checks whether malware is contained or not. We provide user-friendly, efficient and secure malware detection technology.
PolySwarm is a crowdsourced threat detection marketplace where security experts & AV companies compete to protect you.
A mix of in-depth nuanced takes on current events and highly technical original research by Marcus Hutchins. I cover a wide array of topics such as vulnerability research, threat intelligence, national security, reverse engineering, and Windows internals.
This service is collecting, indexing, and centralizing ransomware information from most ransomware groups and their victims.
The latest updates on cybersecurity from today’s experts. Read about ransomware, vulnerabilities, and threat intelligence impacting businesses.
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.
RansomLook is an open-source project aimed at assisting users in tracking ransomware-related posts and activities across various sites, forums, and Telegram channels.
Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.
Sekoia.io Blog sheds light on the state of the Cybersecurity Operations industry, from Threat analyses to highlights on solutions and partnerships as well as foundational contents on XDR, CTI and more.
Get up-to-date hot takes on the state of cybersecurity today, from responses to US-CERT alerts, to using the MITRE ATT&CK framework.
Dark Vortex provides various cybersecurity trainings, products and other services.
The largest collection of malware source code, samples, and papers on the internet.
HackMag is an educational ecosystem where cybersecurity specialists share practical knowledge in exchange for financial rewards and recognition. Access to this knowledge significantly increases the hands-on educational level of fellow specialists and the security of computer systems throughout the world.
Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.
A site for sharing packet capture (pcap) files and malware samples. I started this blog in 2013 to share pcaps and malware samples. Due to issues with Google, I've had to take most all blog posts downfrom 2013 through 2018, and I've been slowly restoring these pages using a new pattern for the password-portected zip archives.
Keep up to date with Halcyon's announcements and research here.
Ransomwhere is the open, crowdsourced ransomware payment tracker. Browse and download ransomware payment data or help build our dataset by reporting ransomware demands you have received.
Deep Dive Malware Analysis Insights.
The Intelligence and research arm of Check Point Technologies provides leading cyber threat intelligence to Check Point customers and the greater intelligence community.
Ransomwatch trails the extortion sites used by ransomware groups and surfaces an aggregated feed of claims.
Malpedia is a free service offered by Fraunhofer FKIE. The primary goal of Malpedia is to provide a resource for rapid identification and actionable context when investigating malware. Openness to curated contributions shall ensure an accountable level of quality in order to foster meaningful and reproducible research.
Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
Access top cyber intelligence and dark web insights to navigate digital threats effectively with Daily Dark Web.
A cybersecurity and technology news platform that also publishes in-depth guides, tutorials, and reviews.
Researchers in the Lookout Threat Lab leverage the world’s largest mobile telemetry dataset to track APT activity, discover new mobile malware, and provide actionable intelligence.
With a massive growth in new malware and infections, macOS security awareness is now more important than ever. Yet many people believe that if they are using macOS they are safe and should not be concerned about getting infected. Even though malware for macOS is years behind Windows malware in the sense of sophistication, complexity and number of infections, macOS malware is becoming more sophisticated as time goes by. Furthermore, it uses more ways to infect, evade and abuse the macOS architecture to deliver malware, for example - using applications signed with legitimate Apple developer certificates to avoid detection.
Collection of malware source code for a variety of platforms in an array of different programming languages.
HijackLibs provides an curated list of DLL Hijacking candidates, mappings between DLLs and vulnerable executables, with additional metadata for more context. For defenders, this project can provide valuable information when trying to detect DLL Hijacking attempts; for red teamers, this project can help identify DLLs that can be used to achieve DLL Hijacking.
Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.
Online Virus Scanner Without Result Distribution. Scan your file online with multiple different antiviruses without distributing the results of your scan.
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev.
PCrisk cyber security portal and certified anti-virus application Combo Cleaner is brought by a company RCS LT. All content on pcrisk.com is provided by professional authors who are experts in computer security. In our removal guides we recommend using Combo Cleaner to remove malware infections. Close collaboration between expert authors of PCrisk and malware researchers of Combo Cleaner empowers us to provide the best solutions in malware removal. Every malware removal guide is closely checked by our malware researchers to ensure that Combo Cleaner can 100% detected and eliminate the threat that we write about.
It is the golden age of Command and Control (C2) frameworks. The goal of this site is to point you to the best C2 framework for your needs based on your adversary emulation plan and the target environment. Take a look at the matrix or use the questionnaire to determine which fits your needs.
Atomic Red Team™ is library of tests mapped to the MITRE ATT&CK framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.
MalwareMustDie (MMD) is a prominent nonprofit whitehat security research group that emerged in August 2012, standing as a collective force against the proliferation of malware on the internet. The organization comprises a collaborative effort of IT professionals and dedicated security researchers, united by a shared mission to combat and mitigate the impact of various forms of malicious software.
This encyclopedia contains the description of anti-debug tricks which work on the latest Windows releases with the most popular debuggers (such as OllyDbg, WinDbg, x64dbg). Deprecated techniques (e.g. for SoftICE, etc.) are not included (despite all the love to SoftICE).
Stay up-to-date with industry insights and trends by reading Analyst1's informative blog. Explore our extensive range of topics and stay informed.
Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.
A free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology.
Stay up to date with the latest cybersecurity insights, practical advice, articles and news from the Veriti Experts.