Published in OpenCTI.BR | New Means, Old Scams! | In recent weeks we identified a massive volume of phishing campaigns for the Banco Central's “Valores a Receber”, the campaign… | Oct 2
Exposing a “Correios” phishing scam with FOFA | FOFA platform is highly flexible and can be customized for different needs, making it very convenient and practical. Of course, the search… | Aug 27
Strengthening Android Security: Mitigating Banking Trojan Threats | In today’s digital age, mobile devices have become integral to our daily lives, including financial transactions. However, this increased… | Jun 26, 2023
Published in OpenCTI.BR | [UPDATE] FantasyMW(v2) Android Banking Trojan resurfaces with new targets | In a previous post we detailed the operation and behavior of FantasyMW; recently the threat actor made some changes… | Jun 10, 2023
RtlProcessFlsData as anti-debugging Technique | RtlProcessFlsData is a Windows API function that is used to retrieve the fiber local storage (FLS) data structure for a given process. FLS… | Mar 21, 2023
Determining a device type with Win32_Battery WMI class | The purpose of the article is to use some WMI classes to determine whether the analyzed device is a laptop or desktop. For this, we will… | Feb 24, 2023
Just a [in]offensive Google dork | Recently I was creating dorks for some products and I came across “Suntech”. Apparently they sell a product to private companies and… | Aug 15, 2021
Mapping possible functions to identify Virtual Machine Environment (VME) | To evade detection and analysis by security researchers, malware may check if it is running under a virtualized environment such as… | Dec 1, 2020
OSINT Tips: Filtering tweets by Geographical metadata | When working with Tweet data, there are two classes of geographical metadata, you can use the following search to find any media-items… | Oct 12, 2020