Weekly News Roundup — April 14 to 20

Weekly News Roundup — April 14 to 20

Summary — Welcome to Security Soup’s continuing coverage of infosec highlights from the previous week. The highlights include a collection of links relating to news, tools, threat research, and more! The focus trends toward DFIR and threat intelligence, but other hacking-related topics are included as well. This list is not intended to be an exhaustive…

Weekly News Roundup — April 7 to 13

Weekly News Roundup — April 7 to 13

Summary — Welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics according to…

A Quick Look at Emotet’s Updated JavaScript Dropper

A Quick Look at Emotet’s Updated JavaScript Dropper

Summary Emotet is an advanced, modular downloader that primarily functions as a dropper of other opportunistic malware variants. Emotet continues to be among the most widely distributed and destructive malware variants affecting organizations throughout the private and public sectors. In a previous joint Technical Alert, US-CERT identified that Emotet infections have cost organizations up to…

Weekly News Roundup — March 24 to 30

Weekly News Roundup — March 24 to 30

Summary — Welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics according to…

How To: Extract Network Indicators of Compromise (IOCs) from Maldoc Macros — Part 3

How To: Extract Network Indicators of Compromise (IOCs) from Maldoc Macros — Part 3

read time = 5 minutes Summary This is the third in a series of posts exploring fundamental malware analysis techniques. Please check out Part 1 and Part 2 for some additional background. The following techniques are presented as an alternative to automated sandboxing, which are effective and powerful tools. However, as we showed in Part…

Weekly News Roundup — March 17 to 23

Weekly News Roundup — March 17 to 23

Summary — Welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics according to…

Weekly News Roundup — March 10 to 16

Weekly News Roundup — March 10 to 16

Summary — Hello, and welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics…

Weekly News Roundup — March 3 to 9

Weekly News Roundup — March 3 to 9

Summary — Hello, and welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics…