Blog

New Evasion Technique Using Powerpoint

According to VirusTotal, A Powerpoint sample was first submitted to VT on 2022-02-02, and 0/60 detection rate since 2022-09-08. The same file was submitted to MalwareBazaar on September 9, 2022. Most of the solutions marked the file as clean. Infection … Read More

LAZARUS CONTINUES TO EVADE SECURITY VENDORS

North Korean Threat Actor! LAZARUS CONTİNUES TO EVADE SECURİTY VENDORS Lazarus Group is a North Korean state-sponsored cyber threat group that has been attributed to the Reconnaissance General Bureau. The group has been active since at least 2009. Their sensational … Read More

Running Shellcode Through Windows Callbacks Using VBA Macro

87% of the ransomware found on the dark web has been delivered via malicious macros to infect targeted systems. Because of this reason, AV and Sandbox vendors try to extend their Macro detection capabilities. On the other hand, attackers have … Read More

What is VBA Stomping?

Threat actors employ a variety of strategies to conceal dangerous macros; VBA Stomping is a brilliant trick for embedding macros in Office documents (e.g., a .xlsm Excel workbook) in a way that can deceive security tools. At this point, Docguard … Read More