DLL INJECT |
| 2015-09-29 | Pedro Bueno | Tricks for DLL analysis |
DLL |
| 2025-03-18/a> | Xavier Mertens | Python Bot Delivered Through DLL Side-Loading |
| 2023-06-22/a> | Brad Duncan | Qakbot (Qbot) activity, obama271 distribution tag |
| 2023-02-28/a> | Brad Duncan | BB17 distribution Qakbot (Qbot) activity |
| 2023-02-24/a> | Brad Duncan | URL files and WebDAV used for IcedID (Bokbot) infection |
| 2022-11-04/a> | Xavier Mertens | Remcos Downloader with Unicode Obfuscation |
| 2022-08-24/a> | Brad Duncan | Monster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC |
| 2022-07-07/a> | Brad Duncan | Emotet infection with Cobalt Strike |
| 2022-04-06/a> | Brad Duncan | Windows MetaStealer Malware |
| 2022-01-21/a> | Xavier Mertens | Obscure Wininet.dll Feature? |
| 2021-12-22/a> | Brad Duncan | December 2021 Forensic Contest: Answers and Analysis |
| 2021-12-02/a> | Brad Duncan | TA551 (Shathak) pushes IcedID (Bokbot) |
| 2021-11-19/a> | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL) |
| 2021-11-16/a> | Brad Duncan | Emotet Returns |
| 2021-10-21/a> | Brad Duncan | "Stolen Images Evidence" campaign pushes Sliver-based malware |
| 2021-09-08/a> | Brad Duncan | "Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware |
| 2021-07-06/a> | Xavier Mertens | Python DLL Injection Check |
| 2021-06-04/a> | Xavier Mertens | Russian Dolls VBS Obfuscation |
| 2021-05-21/a> | Xavier Mertens | Locking Kernel32.dll As Anti-Debugging Technique |
| 2021-05-18/a> | Xavier Mertens | From RunDLL32 to JavaScript then PowerShell |
| 2021-03-31/a> | Xavier Mertens | Quick Analysis of a Modular InfoStealer |
| 2021-03-03/a> | Brad Duncan | Qakbot infection with Cobalt Strike |
| 2021-02-17/a> | Brad Duncan | Malspam pushing Trickbot gtag rob13 |
| 2021-02-11/a> | Jan Kopriva | Agent Tesla hidden in a historical anti-malware tool |
| 2021-01-26/a> | Brad Duncan | TA551 (Shathak) Word docs push Qakbot (Qbot) |
| 2021-01-20/a> | Brad Duncan | Qakbot activity resumes after holiday break |
| 2020-09-10/a> | Brad Duncan | Recent Dridex activity |
| 2020-08-28/a> | Xavier Mertens | Example of Malicious DLL Injected in PowerShell |
| 2020-06-10/a> | Brad Duncan | Job application-themed malspam pushes ZLoader |
| 2020-05-13/a> | Brad Duncan | Malspam with links to zip archives pushes Dridex malware |
| 2020-04-08/a> | Brad Duncan | German malspam pushes ZLoader malware |
| 2020-03-25/a> | Brad Duncan | Recent Dridex activity |
| 2018-11-06/a> | Xavier Mertens | Malicious Powershell Script Dissection |
| 2018-08-21/a> | Xavier Mertens | Malicious DLL Loaded Through AutoIT |
| 2016-06-03/a> | Tom Liston | MySQL is YourSQL |
| 2015-09-29/a> | Pedro Bueno | Tricks for DLL analysis |
| 2013-11-09/a> | Guy Bruneau | IE Zero-Day Vulnerability Exploiting msvcrt.dll |
| 2010-12-01/a> | Deborah Hale | McAfee Security Bulletin Released |
| 2010-08-23/a> | Bojan Zdrnja | DLL hijacking vulnerabilities |
| 2010-08-05/a> | Manuel Humberto Santander Pelaez | Adobe Acrobat Font Parsing Integer Overflow Vulnerability |
| 2006-09-19/a> | Swa Frantzen | Yet another MSIE 0-day: VML |
INJECT |
| 2024-12-17/a> | Guy Bruneau | Command Injection Exploit For PHPUnit before 4.8.28 and 5.x before 5.6.3 [Guest Diary] |
| 2024-07-25/a> | Xavier Mertens | XWorm Hidden With Process Hollowing |
| 2024-04-29/a> | Johannes Ullrich | D-Link NAS Device Backdoor Abused |
| 2023-11-09/a> | Xavier Mertens | Visual Examples of Code Injection |
| 2022-09-14/a> | Xavier Mertens | Easy Process Injection within Python |
| 2022-02-10/a> | Johannes Ullrich | Zyxel Network Storage Devices Hunted By Mirai Variant |
| 2022-01-20/a> | Xavier Mertens | RedLine Stealer Delivered Through FTP |
| 2021-12-21/a> | Xavier Mertens | More Undetected PowerShell Dropper |
| 2021-12-10/a> | Xavier Mertens | Python Shellcode Injection From JSON Data |
| 2021-11-20/a> | Guy Bruneau | Hikvision Security Cameras Potentially Exposed to Remote Code Execution |
| 2021-07-06/a> | Xavier Mertens | Python DLL Injection Check |
| 2021-06-12/a> | Guy Bruneau | Fortinet Targeted for Unpatched SSL VPN Discovery Activity |
| 2021-04-29/a> | Xavier Mertens | From Python to .Net |
| 2021-02-13/a> | Guy Bruneau | vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html |
| 2020-11-19/a> | Xavier Mertens | PowerShell Dropper Delivering Formbook |
| 2020-09-24/a> | Xavier Mertens | Party in Ibiza with PowerShell |
| 2020-08-28/a> | Xavier Mertens | Example of Malicious DLL Injected in PowerShell |
| 2020-07-30/a> | Johannes Ullrich | Python Developers: Prepare!!! |
| 2018-09-28/a> | Xavier Mertens | More Excel DDE Code Injection |
| 2018-09-05/a> | Xavier Mertens | Malicious PowerShell Compiling C# Code on the Fly |
| 2017-05-05/a> | Xavier Mertens | HTTP Headers... the Achilles' heel of many applications |
| 2016-02-15/a> | Bojan Zdrnja | Exploiting (pretty) blind SQL injections |
| 2015-09-29/a> | Pedro Bueno | Tricks for DLL analysis |
| 2013-10-19/a> | Johannes Ullrich | Yet Another WHMCS SQL Injection Exploit |
| 2013-07-16/a> | Johannes Ullrich | Why don't we see more examples of web app attacks via POST? |
| 2013-02-17/a> | Guy Bruneau | HP ArcSight Connector Appliance and Logger Vulnerabilities |
| 2013-01-25/a> | Johannes Ullrich | Vulnerability Scans via Search Engines (Request for Logs) |
| 2013-01-09/a> | Rob VandenBrink | SQL Injection Flaw in Ruby on Rails |
| 2012-10-05/a> | Richard Porter | Reports of a Distributed Injection Scan |
| 2012-07-31/a> | Daniel Wesemann | SQL injection, lilupophilupop-style |
| 2011-12-01/a> | Mark Hofman | SQL Injection Attack happening ATM |
| 2011-06-06/a> | Johannes Ullrich | The Havij SQL Injection Tool |
| 2011-04-19/a> | Bojan Zdrnja | SQL injection: why can’t we learn? |
| 2011-04-01/a> | John Bambenek | LizaMoon Mass SQL-Injection Attack Infected at least 500k Websites |
| 2010-12-02/a> | Kevin Johnson | SQL Injection: Wordpress 3.0.2 released |
| 2010-08-15/a> | Manuel Humberto Santander Pelaez | Obfuscated SQL Injection attacks |
| 2010-06-09/a> | Deborah Hale | Mass Infection of IIS/ASP Sites |
| 2010-02-06/a> | Guy Bruneau | LANDesk Management Gateway Vulnerability |
| 2009-07-16/a> | Bojan Zdrnja | OWC exploits used in SQL injection attacks |
| 2009-05-19/a> | Bojan Zdrnja | Advanced blind SQL injection (with Oracle examples) |
| 2009-05-09/a> | Patrick Nolan | Shared SQL Injection Lessons Learned blog item |
| 2009-04-21/a> | Bojan Zdrnja | Web application vulnerabilities |
| 2009-02-11/a> | Robert Danford | ProFTPd SQL Authentication Vulnerability exploit activity |
| 2008-12-12/a> | Johannes Ullrich | MSIE 0-day Spreading Via SQL Injection |
| 2008-12-01/a> | Jason Lam | Input filtering and escaping in SQL injection mitigation |
| 2008-11-20/a> | Jason Lam | Large quantity SQL Injection mitigation |
| 2008-09-29/a> | Daniel Wesemann | ASPROX mutant |
| 2008-09-01/a> | John Bambenek | The Number of Machines Controlled by Botnets Has Jumped 4x in Last 3 Months |
| 2008-08-23/a> | Mark Hofman | SQL injections - an update |
| 2008-08-08/a> | Mark Hofman | More SQL Injections - very active right now |
| 2008-07-24/a> | Bojan Zdrnja | What's brewing in Danmec's pot? |
| 2008-06-30/a> | Marcus Sachs | More SQL Injection with Fast Flux hosting |
| 2008-06-24/a> | Jason Lam | SQL Injection mitigation in ASP |
| 2008-06-24/a> | Jason Lam | Microsoft SQL Injection Prevention Strategy |
| 2008-06-23/a> | donald smith | Preventing SQL injection |
| 2008-06-13/a> | Johannes Ullrich | SQL Injection: More of the same |
| 2008-05-20/a> | Raul Siles | List of malicious domains inserted through SQL injection |
| 2008-04-24/a> | donald smith | Hundreds of thousands of SQL injections |
| 2008-04-16/a> | Bojan Zdrnja | The 10.000 web sites infection mystery solved |
| 2008-03-14/a> | Kevin Liston | 2117966.net-- mass iframe injection |
| 2008-01-09/a> | Bojan Zdrnja | Mass exploits with SQL Injection |
| 2007-02-24/a> | Jason Lam | Prepared Statements and SQL injections |
