Avigayil Mechtinger, Author at Intezer
4

Automate Alert Triage and Response Tasks with Intezer EDR Connect

Integrate with SentinelOne, CrowdStrike, and More One of the biggest pain points of cyber security teams is alert fatigue – trying to...

5

Scale Incident Response with Detection Engineering: Intezer Detect & Hunt

Adversaries are highly motivated, constantly expanding and improving their tools and techniques. On the other side of the fight, security teams are...

7

New SysJoker Backdoor Targets Windows, Linux, and macOS

Malware targeting multiple operating systems has become no exception in the malware threat landscape. Vermilion Strike, which was documented just last September,...

9

Malware Reverse Engineering for Beginners - Part 1: From 0x0

Malware researchers require a diverse skill set usually gained over time through experience and self-training. Reverse engineering (RE) is an integral part of...

8

Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike

Key Findings Discovered Linux & Windows re-implementation of Cobalt Strike Beacon written from scratchLinux malware is fully undetected by vendorsHas IoC and...

7

Targeted Phishing Attack against Ukrainian Government Expands to Georgia

In May 2021, Fortinet published a report about the early stages of an ongoing phishing attack against the Ukrainian government. The attack, initially...

5

Wrapping Up a Year of Infamous Bazar Campaigns

Bazar is the latest tool developed by the TrickBot gang Common malware used for cybercrime such as Agent Tesla, Dridex and Formbook...

5

New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor

We discovered a new sophisticated backdoor targeting Linux endpoints and servers Based on Tactics, Techniques, and Procedures (TTPs) the backdoor is believed to...

16

ELF Malware Analysis 101: Part 3 - Advanced Analysis

Getting Caught Up to Speed So far in this series we have profiled the ELF threat landscape and covered the most common...

3

Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets

Already with thousands of victims. Intro With Bitcoin on the rise and a market exceeding billions of dollars, cryptocurrency has attracted threat actors...

6

Early Bird Catches the Worm: New Golang Worm Drops XMRig Miner on Servers

Intro In early December, we discovered a new, undetected worm written in Golang. This worm continues the popular 2020 trend of multi-platform malware developed...

5

Stantinko’s Proxy After Your Apache Server

Intro It is common for threat actors to evolve their Linux malware. BlackTech with their new ELF_PLEAD malware and Winnti’s PWNLNX tool are recent examples....

11

A Storm is Brewing: IPStorm Now Has Linux Malware

Introduction The development of cross-platform malware is not new, however, we continue to observe a number of malware that were previously documented only...

16

ELF Malware Analysis 101 Part 2: Initial Analysis 

Introduction In the previous article we profiled the ELF malware landscape and explained how malware infects systems. We discussed the current lack...

6

ELF Malware Analysis 101: Linux Threats No Longer an Afterthought

Introduction Linux has a large presence in the operating systems market because it’s open-sourced, free, and software development oriented—meaning its rich ecosystem...

© Intezer.com 2022 All rights reserved
Integrate with EDRs like CrowdStrike and SentinelOne to automate alert triage & response tasks.Integrate with EDRs like CrowdStrike and SentinelOne Learn more