Why this blog went quiet for five years
The Malware Bazaar and VirusTotal platforms revealed some interesting insights into who manages Sodinokibi, seen from an incident-response perspective.
P0sT5n1F3r, a stealthy Apache backdoor built to sniff HTTPS traffic. Undetected by anti-malware platforms, the module used RC4 encryption to hide its activities. Reverse engineering revealed the key, exposing a targeted payload designed to steal credit card data.
My own reverse engineering of a WannaCry sample.
...or in other words, when failing to reverse a CTF binary makes you lose a job
In this tutorial we'll fix U-Boot on default Kali Linux 2018.4 on the SolidRun Cubox-i4Pro.
In this post we continue the analysis of the Pony sample.
In this post we go further into the analysis of the sample unpacked in the previous part.