Xavier's diary entry "Abusing DLLs EntryPoint for the Fun" inspired me to do some tests with TLS Callbacks and DLLs.
TLS stands for Thread Local Storage. TLS Callbacks are an execution mechanism in Windows PE files that lets...
Direct navigation — the act of visiting a website by manually typing a domain name in a web browser — has never been riskier: A new study finds the vast majority of “parked” domains — mostly...
Full Transcript
Brett Johnson, AKA Gollumfun (twitter.com/GOllumfun) was involved with the websites Counterfeit Library and Shadow Crew. He tells his story...
Each year, several security solution providers – including Sophos – sign up for MITRE’s ATT&CK Enterprise Evaluations, a full-scale cyber attack emulation covering one...
Dec 16, 2025Ravie LakshmananMalware / Threat Detection
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management...
MITRE ATT&CK® Evaluations are among the world’s most rigorous independent security tests. They emulate the tactics, techniques, and procedures (TTPs) used by real-world adversaries...
Introduction
A typical phishing attack involves a user clicking a fraudulent link and entering their credentials on a scam website. However, the attack is far...
Introduction
Since as early as November 2025, the finger protocol has been used in ClickFix social engineering attacks. BleepingComputer posted a report of this activity...
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of...
Full Transcript
Brett Johnson, AKA Gollumfun (twitter.com/GOllumfun) was involved with the websites Counterfeit Library and Shadow Crew. He tells his story...
