Quickie: String Analysis is Still Useful, (Sun, Dec 9th)

String analysis: extracting and analyzing strings from binary files (like executables) to assist with reverse engineering.

Arrest of Huawei CFO Inspires Advance Fee Scam, (Sun, Dec 9th)

Last week, the arrest of MENG Wanzhou made big waves in the news. Ms. Meng was arrested in Canada based on an arrest warrant issued for the United States Department of Justice. Ms. Meng, as CFO of Huawei and possible heir to her father, the CEO of Huawei, is assumed to have access to substantial […]

Reader Malware Submission: MHT File Inside a ZIP File, (Sat, Dec 8th)

Reader Jason submitted a ZIP file received via email. It contains an MHT file, and when Jason received it, it had 0 detections on VirusTotal.

A Dive into malicious Docker Containers, (Fri, Dec 7th)

Over the last few days we have been seeing increased attacks from 192.99.142.246, which is trying to exploit open Docker instances (port 2375). The container (named java123) is based on the image ahtihhebs/picture124, and is executed with payload: