▽Blog - Securelist
●07/21 15:18
GReAT researchGhostContainer backdoor: malware compromising Exchange servers of high-value organizations in AsiaIn an incident response case in Asia, Kaspersky researchers discovered a new backdoor for Microsoft Exchange servers, based on open-source tools and dubbed “GhostContainer”.GReATAPT reportsSleep with one eye open: how Librarian Ghouls steal data by nightKasperskySOC, TI and IR pos

▽Linux Sleuthing
●07/20 11:27
2 weeks ago

▽Hacking Exposed Computer Forensics Blog
●07/18 13:40
Daily Blog #812: Testing AWS Log latency - Removing Users from Groups

▽Mandiant Blog
●07/18 05:42
Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP BackdoorBy Mandiant • 21-minute readThreat Intelligence

▽ Hexacorn | Blog
●07/13 15:58
1 little known secret of advpack.dll, LaunchINFSectionPosted on 2025-07-12 by adamYes, yet another oldie with a secret…The .inf files are as old as Windows itself, and their internal structure has been covered by many, and over at least last two decades.So, what’s new?Well…Ever heard of LoadAdvpackExtension ?This simple .inf file demonstrates how to use it to load a DLL of your choice:[ver