#malware

3d ago · 20 min read · Background and Why When a normal application in windows calls a function like VirtualAllocEx he compiler records that dependency in a data structure inside the file called the Import Address Table (IA

Join discussion

SSSehan Shahidsehanshahid.hashnode.dev

0

Why VirusTotal Alone Isn't Enough to Verify APK Safety

May 9 · 3 min read · Every week, thousands of Android users download APK files from Telegram groups, forums, and third-party sites. Most of them do one thing to verify safety — drag the file into VirusTotal and check if a

Join discussion

VUVishal Uttam Manevishal-uttam-mane-raas.hashnode.dev

0

Ransomware-as-a-Service (RaaS): The New Threat Model

May 8 · 5 min read · Cybersecurity threats have evolved dramatically over the past decade, but one of the most dangerous transformations is the emergence of Ransomware-as-a-Service, RaaS. Traditional ransomware attacks we

Join discussion

OZOliver Zehentleitnerblog.technopathy.club

1

Binance Fixed the IP Whitelist Gap. The Disclosure Process Is Still Broken.

May 5 · 11 min read · I wanted to re-open an old Binance API security issue. Not because I enjoy re-litigating old reports. Because the last thirteen days made the threat model painfully concrete. I found or stumbled into

LLaura commented

OZOliver Zehentleitnerblog.technopathy.club

0

The PyPI Package Was Clean. That Was the Problem.

May 5 · 13 min read · Someone uploaded a package to PyPI called: unicorn-binance-websocket-api-onion I do not maintain this package. There is no official Tor, onion, proxy, or privacy-focused variant of UNICORN Binance We

Join discussion

TATaji Abdullahtechnofiles.hashnode.dev

0

Return to theZoo

May 5 · 4 min read · I've been wanting to start learning how to perform malware analysis, not the basic VirusTotal upload or hash comparison, but to really go deep and gain as much understanding as I could. Having a softw

Join discussion

OZOliver Zehentleitnerblog.technopathy.club

0

I had a fake job interview. It was a malware delivery chain.

Apr 29 · 17 min read · 2026-04-29 — A fake recruiter tried to walk me into opening a malicious VSCode workspace.I refused, preserved the artifacts, mapped the infrastructure, and submitted the IOCs to public threat-intel fe

Join discussion

NONetomize Official Blogblog.netomize.ca

0

Detect Shulfar Malware Encrypted TCP C&C Traffic Using PacketSmith Yara-X Detection Module

Apr 24 · 7 min read · Introduction Splunk published a blog post about a variant of the Gh0stRat malware family used in a new campaign delivered alongside the CloverPlus adware. The blog post is titled "Not Just Annoying Ad

Join discussion

OZOliver Zehentleitnerblog.technopathy.club

0

nailproxy.space: A Multi-Repository GitHub Malware Campaign

Apr 22 · 9 min read · Update (2026-04-22, 13:33): I submitted this case to GitHub Support for campaign-level review. Ticket ID: 4313391. Further update (2026-04-23): I published a deeper technical follow-up covering the

Join discussion

AAshbo3nashbo3n.hashnode.dev

0

Classic DLL Injection in c++ - Ashbo3n

Apr 22 · 5 min read · Summary: In this blog i will give a tutorial on how to do classic DLL injection, which is a technique used to force running target execute external code by injecting a DLL (Dynamic Link library), we w

Join discussion

Tag feed

Tag feed

#malware

Trending tags this week

How to do API Hashing: Mastering IAT Evasion And PEB Walking

Why VirusTotal Alone Isn't Enough to Verify APK Safety

Ransomware-as-a-Service (RaaS): The New Threat Model

Binance Fixed the IP Whitelist Gap. The Disclosure Process Is Still Broken.

The PyPI Package Was Clean. That Was the Problem.

Return to theZoo

I had a fake job interview. It was a malware delivery chain.

Detect Shulfar Malware Encrypted TCP C&C Traffic Using PacketSmith Yara-X Detection Module

nailproxy.space: A Multi-Repository GitHub Malware Campaign

Classic DLL Injection in c++ - Ashbo3n

#malware

Search Hashnode

#malware

Trending tags this week

How to do API Hashing: Mastering IAT Evasion And PEB Walking

Why VirusTotal Alone Isn't Enough to Verify APK Safety

Ransomware-as-a-Service (RaaS): The New Threat Model

Binance Fixed the IP Whitelist Gap. The Disclosure Process Is Still Broken.

The PyPI Package Was Clean. That Was the Problem.

Return to theZoo

I had a fake job interview. It was a malware delivery chain.

Detect Shulfar Malware Encrypted TCP C&C Traffic Using PacketSmith Yara-X Detection Module

nailproxy.space: A Multi-Repository GitHub Malware Campaign

Classic DLL Injection in c++ - Ashbo3n