-
**Issue**
“sanitycheckcpp.exe” is detected as malware by Kaspersky Antivirus.
(note that I use CLion IDE)
**To Reproduce**
- Launch CLion IDE
- Create a C++ Meson project
**System paramete…
-
### Description
Review detection coverage for C2 via Google Sheets from recent "Voldemort" campaign.
### Target Ruleset
windows
### Target Rule Type
Event Correlation (EQL)
### Tested ECS Versio…
-
**Is your feature request related to a problem? Please describe.**
When running `lynis audit system` at the end of the report I see `Malware scanner [X]`.
I have SentinelOne installed which I believ…
-
> [!CAUTION]
> Basically I got a phishing email which apparently leads to _Lumma Stealer information-stealing malware_; the interesting thing is that they used the **GitHub notification system** to make …
-
https://joddiy.github.io/blog/2018/12/18/dynamic-malware-research/
This post summarizes 8 papers in the dynamic malware detection domain.
-
### Description
We are creating 8 new, optional, Elastic Defend (Endpoint) promotion rules (https://github.com/elastic/security-team/issues/6287). These will be 4 Detection & 4 Prevention rules for …
-
When trying to use this on Windows 10 to run FM2005 5.0.5, Windows Defender makes it near impossible to do safely, as far as I can tell.
It's not possible to add the downloaded zip file or the exec…
-
**Background**
This is our first Malware Static Analyzer written in RUST.
Static analysis is a well-researched topic, where researchers are recurrently able to achieve 95-97% detection using a series o…
-
**Description**
After deleting the Elastic endpoint [Duplicate] rule, the rule name changed from "Elastic endpoint [Duplicate]" to "Malware Detection Alert"
**Build Details:**
```
Version: 7.14.0…
```
-
Trend Micro apparently doesn't like this registry activity
![untitled](https://cloud.githubusercontent.com/assets/4284124/16738333/1f9942ea-474a-11e6-9dea-31681c40f49f.png)