Avigayil Mechtinger, Author at Intezer

macOS Threats: Automate Mac Alert Triage with Intezer

We are happy to announce that Intezer now supports scanning macOS files. 😁 Intezer’s Autonomous SecOps solution automates security operations processes, including alert...


Stay Ahead of the Latest Threats with Threat Family Tracking

TL;DR – You can now subscribe to threat actors/malware families in Intezer and receive notifications for new IoCs and detection opportunities. Staying...


Automate Alert Triage and Response Tasks with Intezer EDR Connect

Integrate with SentinelOne, CrowdStrike, and More One of the biggest pain points of cyber security teams is alert fatigue – trying to...


Scale Incident Response with Detection Engineering: Intezer Detect & Hunt

Adversaries are highly motivated, constantly expanding and improving their tools and techniques. On the other side of the fight, security teams are...


New SysJoker Backdoor Targets Windows, Linux, and macOS

Malware targeting multiple operating systems has become no exception in the malware threat landscape. Vermilion Strike, which was documented just last September,...


Malware Reverse Engineering for Beginners - Part 1: From 0x0

Malware researchers require a diverse skill set usually gained over time through experience and self-training. Reverse engineering (RE) is an integral part of...


Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike

Key Findings Discovered Linux & Windows re-implementation of Cobalt Strike Beacon written from scratchLinux malware is fully undetected by vendorsHas IoC and...


Targeted Phishing Attack against Ukrainian Government Expands to Georgia

In May 2021, Fortinet published a report about the early stages of an ongoing phishing attack against the Ukrainian government. The attack, initially...


Wrapping Up a Year of Infamous Bazar Campaigns

Bazar is the latest tool developed by the TrickBot gang Common malware used for cybercrime such as Agent Tesla, Dridex and Formbook...


New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor

We discovered a new sophisticated backdoor targeting Linux endpoints and servers Based on Tactics, Techniques, and Procedures (TTPs) the backdoor is believed to...


ELF Malware Analysis 101: Part 3 - Advanced Analysis

Getting Caught Up to Speed So far in this series we have profiled the ELF threat landscape and covered the most common...


Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets

Already with thousands of victims. Intro With Bitcoin on the rise and a market exceeding billions of dollars, cryptocurrency has attracted threat actors...


Early Bird Catches the Worm: New Golang Worm Drops XMRig Miner on Servers

Intro In early December, we discovered a new, undetected worm written in Golang. This worm continues the popular 2020 trend of multi-platform malware developed...


Stantinko’s Proxy After Your Apache Server

Intro It is common for threat actors to evolve their Linux malware. BlackTech with their new ELF_PLEAD malware and Winnti’s PWNLNX tool are recent examples....


A Storm is Brewing: IPStorm Now Has Linux Malware

Introduction The development of cross-platform malware is not new, however, we continue to observe a number of malware that were previously documented only...


ELF Malware Analysis 101 Part 2: Initial Analysis 

Introduction In the previous article we profiled the ELF malware landscape and explained how malware infects systems. We discussed the current lack...


ELF Malware Analysis 101: Linux Threats No Longer an Afterthought

Linux has a large presence in the operating systems market because it’s open-sourced, free, and software development oriented—meaning its rich ecosystem provides...

New: Connect Microsoft Defender with Intezer's Autonomous SOC solutionNew: Connect Microsoft Defender with Intezer's Autonomous SOC solution Learn more
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt