Recent
The Secrets of XProtectRemediator
Binary Ninja
Malware
RE
CTI
YARA
macOS
A primer on macOS security internals and reverse engineering macOS’ XProtectRemediators to extract ‘secret’ YARA rules!
Revisiting Lazarus' Operation Intercept
Lazarus
Malware
RE
CTI
North Korea
macOS
An analysis of a multi-stage macOS implant which shares a large number of commonalities with Lazarus’ Operation In(ter)ception.
Lazarus Using Leaked Hacking Team Tooling
Lazarus
Malware
RE
CTI
North Korea
A quick analysis of Lazarus sample which makes use of Hacking Team tools from the 2017 leak.
PizzaCrypt Analysis
Malware
ransomware
.NET
RE
A quick analysis of some fun .NET ransomware with a goofy ransom note.