Load and Inject Malicious DLL Using Microsoft Tools
Attackers can leverage legitimate Microsoft signed binaries to load and inject malicious DLLs into running processes, effectively bypassing application whitelisting and endpoint security.
In-depth analysis of malware, exploits, and defense strategies. Stay ahead of emerging threats with expert research from the SAFE Cyberdefense team.
Our most impactful and widely-read threat analyses.
Advanced malware can execute PowerShell commands without ever calling powershell.exe, effectively bypassing many endpoint security solutions. This research explores the techniques used and how to defend against them.
NotPetya was one of the most devastating cyber attacks in history, causing over $10 billion in damages worldwide. Our technical analysis reveals why it was designed as a wiper, not ransomware.
Recent publications from our cybersecurity research team.
Uncover the intricate workings of QakBot, a sophisticated and persistent malware threat, with this step-by-step reverse engineering breakdown. Understand its evolution from a banking Trojan …
This article explores how attackers leverage DLL sideloading with legitimate applications to load malicious Dynamic Link Libraries. Learn to use Windows Event Logs for in-depth …
Explore the evolving Russian nation-state cyber threat landscape in 2026, analyzing sophisticated intelligence gathering, economic espionage, destructive attacks, and influence operations. This deep dive provides …
The N-day window, the critical period between public vulnerability disclosure and successful patch deployment, presents a significant and dangerous challenge in cybersecurity. Mastering effective patch …
The N-day window represents a persistent cybersecurity threat where known vulnerabilities are exploited before patches are applied. This article explores critical patch management strategies to …
Active Directory is the backbone of enterprise security, but it's vulnerable to sophisticated threats like the Skeleton Key attack. This article explores how to unmask …