Load and Inject Malicious DLL Using Microsoft Tools
Attackers can leverage legitimate Microsoft signed binaries to load and inject malicious DLLs into running processes, effectively bypassing application whitelisting and endpoint security.
In-depth analysis of malware, exploits, and defense strategies. Stay ahead of emerging threats with expert research from the SAFE Cyberdefense team.
Our most impactful and widely-read threat analyses.
Advanced malware can execute PowerShell commands without ever calling powershell.exe, effectively bypassing many endpoint security solutions. This research explores the techniques used and how to defend against them.
NotPetya was one of the most devastating cyber attacks in history, causing over $10 billion in damages worldwide. Our technical analysis reveals why it was designed as a wiper, not ransomware.
Recent publications from our cybersecurity research team.
South Asia is a region experiencing a rapid digital transformation and complex geopolitical dynamics, leading to an escalating cyber arms race. This article projects nation-state …
The 2018 Pyeongchang Winter Olympics were targeted by the Olympic Destroyer malware, which disrupted the opening ceremony IT infrastructure in a sophisticated false-flag operation.
Cryptojacking has become one of the most prevalent cyber threats, silently hijacking computing resources to mine cryptocurrency. Learn how to detect and prevent these attacks.
Dynamic Data Exchange (DDE) is a legitimate Microsoft Office feature that attackers exploit to execute arbitrary commands without requiring macro-enabled documents.