Date Author Title

DLL INJECT

2015-09-29Pedro BuenoTricks for DLL analysis

DLL

2023-06-22/a>Brad DuncanQakbot (Qbot) activity, obama271 distribution tag
2023-02-28/a>Brad DuncanBB17 distribution Qakbot (Qbot) activity
2023-02-24/a>Brad DuncanURL files and WebDAV used for IcedID (Bokbot) infection
2022-11-04/a>Xavier MertensRemcos Downloader with Unicode Obfuscation
2022-08-24/a>Brad DuncanMonster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC
2022-07-07/a>Brad DuncanEmotet infection with Cobalt Strike
2022-04-06/a>Brad DuncanWindows MetaStealer Malware
2022-01-21/a>Xavier MertensObscure Wininet.dll Feature?
2021-12-22/a>Brad DuncanDecember 2021 Forensic Contest: Answers and Analysis
2021-12-02/a>Brad DuncanTA551 (Shathak) pushes IcedID (Bokbot)
2021-11-19/a>Xavier MertensDownloader Disguised as Excel Add-In (XLL)
2021-11-16/a>Brad DuncanEmotet Returns
2021-10-21/a>Brad Duncan"Stolen Images Evidence" campaign pushes Sliver-based malware
2021-09-08/a>Brad Duncan"Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware
2021-07-06/a>Xavier MertensPython DLL Injection Check
2021-06-04/a>Xavier MertensRussian Dolls VBS Obfuscation
2021-05-21/a>Xavier MertensLocking Kernel32.dll As Anti-Debugging Technique
2021-05-18/a>Xavier MertensFrom RunDLL32 to JavaScript then PowerShell
2021-03-31/a>Xavier MertensQuick Analysis of a Modular InfoStealer
2021-03-03/a>Brad DuncanQakbot infection with Cobalt Strike
2021-02-17/a>Brad DuncanMalspam pushing Trickbot gtag rob13
2021-02-11/a>Jan KoprivaAgent Tesla hidden in a historical anti-malware tool
2021-01-26/a>Brad DuncanTA551 (Shathak) Word docs push Qakbot (Qbot)
2021-01-20/a>Brad DuncanQakbot activity resumes after holiday break
2020-09-10/a>Brad DuncanRecent Dridex activity
2020-08-28/a>Xavier MertensExample of Malicious DLL Injected in PowerShell
2020-06-10/a>Brad DuncanJob application-themed malspam pushes ZLoader
2020-05-13/a>Brad DuncanMalspam with links to zip archives pushes Dridex malware
2020-04-08/a>Brad DuncanGerman malspam pushes ZLoader malware
2020-03-25/a>Brad DuncanRecent Dridex activity
2018-11-06/a>Xavier MertensMalicious Powershell Script Dissection
2018-08-21/a>Xavier MertensMalicious DLL Loaded Through AutoIT
2016-06-03/a>Tom ListonMySQL is YourSQL
2015-09-29/a>Pedro BuenoTricks for DLL analysis
2013-11-09/a>Guy BruneauIE Zero-Day Vulnerability Exploiting msvcrt.dll
2010-12-01/a>Deborah HaleMcAfee Security Bulletin Released
2010-08-23/a>Bojan ZdrnjaDLL hijacking vulnerabilities
2010-08-05/a>Manuel Humberto Santander PelaezAdobe Acrobat Font Parsing Integer Overflow Vulnerability
2006-09-19/a>Swa FrantzenYet another MSIE 0-day: VML

INJECT

2024-07-25/a>Xavier MertensXWorm Hidden With Process Hollowing
2024-04-29/a>Johannes UllrichD-Link NAS Device Backdoor Abused
2023-11-09/a>Xavier MertensVisual Examples of Code Injection
2022-09-14/a>Xavier MertensEasy Process Injection within Python
2022-02-10/a>Johannes UllrichZyxel Network Storage Devices Hunted By Mirai Variant
2022-01-20/a>Xavier MertensRedLine Stealer Delivered Through FTP
2021-12-21/a>Xavier MertensMore Undetected PowerShell Dropper
2021-12-10/a>Xavier MertensPython Shellcode Injection From JSON Data
2021-11-20/a>Guy BruneauHikvision Security Cameras Potentially Exposed to Remote Code Execution
2021-07-06/a>Xavier MertensPython DLL Injection Check
2021-06-12/a>Guy BruneauFortinet Targeted for Unpatched SSL VPN Discovery Activity
2021-04-29/a>Xavier MertensFrom Python to .Net
2021-02-13/a>Guy BruneauvSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html
2020-11-19/a>Xavier MertensPowerShell Dropper Delivering Formbook
2020-09-24/a>Xavier MertensParty in Ibiza with PowerShell
2020-08-28/a>Xavier MertensExample of Malicious DLL Injected in PowerShell
2020-07-30/a>Johannes UllrichPython Developers: Prepare!!!
2018-09-28/a>Xavier MertensMore Excel DDE Code Injection
2018-09-05/a>Xavier MertensMalicious PowerShell Compiling C# Code on the Fly
2017-05-05/a>Xavier MertensHTTP Headers... the Achilles' heel of many applications
2016-02-15/a>Bojan ZdrnjaExploiting (pretty) blind SQL injections
2015-09-29/a>Pedro BuenoTricks for DLL analysis
2013-10-19/a>Johannes UllrichYet Another WHMCS SQL Injection Exploit
2013-07-16/a>Johannes UllrichWhy don't we see more examples of web app attacks via POST?
2013-02-17/a>Guy BruneauHP ArcSight Connector Appliance and Logger Vulnerabilities
2013-01-25/a>Johannes UllrichVulnerability Scans via Search Engines (Request for Logs)
2013-01-09/a>Rob VandenBrinkSQL Injection Flaw in Ruby on Rails
2012-10-05/a>Richard PorterReports of a Distributed Injection Scan
2012-07-31/a>Daniel WesemannSQL injection, lilupophilupop-style
2011-12-01/a>Mark HofmanSQL Injection Attack happening ATM
2011-06-06/a>Johannes UllrichThe Havij SQL Injection Tool
2011-04-19/a>Bojan ZdrnjaSQL injection: why can’t we learn?
2011-04-01/a>John BambenekLizaMoon Mass SQL-Injection Attack Infected at least 500k Websites
2010-12-02/a>Kevin JohnsonSQL Injection: Wordpress 3.0.2 released
2010-08-15/a>Manuel Humberto Santander PelaezObfuscated SQL Injection attacks
2010-06-09/a>Deborah HaleMass Infection of IIS/ASP Sites
2010-02-06/a>Guy BruneauLANDesk Management Gateway Vulnerability
2009-07-16/a>Bojan ZdrnjaOWC exploits used in SQL injection attacks
2009-05-19/a>Bojan ZdrnjaAdvanced blind SQL injection (with Oracle examples)
2009-05-09/a>Patrick NolanShared SQL Injection Lessons Learned blog item
2009-04-21/a>Bojan ZdrnjaWeb application vulnerabilities
2009-02-11/a>Robert DanfordProFTPd SQL Authentication Vulnerability exploit activity
2008-12-12/a>Johannes UllrichMSIE 0-day Spreading Via SQL Injection
2008-12-01/a>Jason LamInput filtering and escaping in SQL injection mitigation
2008-11-20/a>Jason LamLarge quantity SQL Injection mitigation
2008-09-29/a>Daniel WesemannASPROX mutant
2008-09-01/a>John BambenekThe Number of Machines Controlled by Botnets Has Jumped 4x in Last 3 Months
2008-08-23/a>Mark HofmanSQL injections - an update
2008-08-08/a>Mark HofmanMore SQL Injections - very active right now
2008-07-24/a>Bojan ZdrnjaWhat's brewing in Danmec's pot?
2008-06-30/a>Marcus SachsMore SQL Injection with Fast Flux hosting
2008-06-24/a>Jason LamSQL Injection mitigation in ASP
2008-06-24/a>Jason LamMicrosoft SQL Injection Prevention Strategy
2008-06-23/a>donald smithPreventing SQL injection
2008-06-13/a>Johannes UllrichSQL Injection: More of the same
2008-05-20/a>Raul SilesList of malicious domains inserted through SQL injection
2008-04-24/a>donald smithHundreds of thousands of SQL injections
2008-04-16/a>Bojan ZdrnjaThe 10.000 web sites infection mystery solved
2008-03-14/a>Kevin Liston2117966.net-- mass iframe injection
2008-01-09/a>Bojan ZdrnjaMass exploits with SQL Injection
2007-02-24/a>Jason LamPrepared Statements and SQL injections