home.social

#gelsemium — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gelsemium, aggregated by home.social.

  1. The best part of studying the #WolfsBane (#Gelsemium) #Malware samples is the cornucopia of malicious behaviors it has to learn from: from discovery to evasion to persistence. It's my first time seeing ELF binaries with critical content hidden in wide character encoding (16-bit little endian) and multiple concatenated ELF programs in a single file.

    ... but what's with the `en_US.UTF-8` reference?

  2. I hope everyone is having a good weekend!

    The Palo Alto Networks Unit 42 research team discovered some activity that they attributed to a very stealthy and rarely seen APT, #Gelsemium. They target a diverse group of industries but use tools like #CobaltStrike, #MetaSploit, and #ChinaChopper but also used the Potato Suite that was seen as JuicyPotato.exe (who can't appreciate that?!). This was a great weekend read and I hope you all enjoy it as much as I did! Happy Hunting!

    Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government
    unit42.paloaltonetworks.com/ra

    #CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday