APT ANALYSIS

♣️Evolution of Tycoon 2FA Defense Evasion Mechanisms: Analysis and Timeline 🔴Blog : https://any.run/cybersecurity-blog/tycoon2fa-evasion-analysis/ ⭐️@APTANALYSIS

♣️Unveiling Swan Vector APT Targeting Taiwan and Japan with varied DLL Implants 🔴Blog : https://www.seqrite.com/blog/swan-vector-apt-targeting-taiwan-japan-dll-implants/ ⭐️@APTANALYSIS

♣️Lumma Stealer, coming and going #️⃣Blog : https://news.sophos.com/en-us/2025/05/09/lumma-stealer-coming-and-going/ ⭐️@APTANALYSIS

♣️New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms 🔘Blog : https://www.morphisec.com/blog/new-noodlophile-stealer-fake-ai-video-generation-platforms ⭐️@APTANALYSIS

♣️Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One 💀Blog : https://www.esentire.com/blog/pure-crypter-malware-analysis-99-problems-but-detection-aint-one ⭐️@APTANALYSIS

♣️FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network 🤩Blog :https://www.sentinelone.com/labs/freedrain-unmasked-uncovering-an-industrial-scale-crypto-theft-network/ ⭐️@APTANALYSIS

♣️CVE-2025-32756 : Write-Up of a Buffer Overflow in Various Fortinet Products 💀Blog : https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows ⭐️@APTANALYSIS

♣️Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach 🔍Blog : https://www.incendium.rocks/posts/Automating-MS-RPC-Vulnerability-Research/ ⭐️@APTANALYSIS

♣️Finding Malware: Unveiling LUMMAC.V2 with Google Security Operations 🎱Blog : https://www.googlecloudcommunity.com/gc/Community-Blog/Finding-Malware-Unveiling-LUMMAC-V2-with-Google-Security/ba-p/899110?linkId=14295943 ⭐️@APTANALYSIS

♣️Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal 🤍Blog : https://www.trendmicro.com/en_us/research/25/e/agenda-ransomware-group-adds-smokeloader-and-netxloader-to-their.html ⭐️@APTANALYSIS

♣️Bit ByBit - emulation of the DPRK's largest cryptocurrency heist 🚬Blog : https://www.elastic.co/security-labs/bit-bybit ⭐️@APTANALYSIS

♣️Inferno Drainer Reloaded: Deep Dive into the Return of the Most Sophisticated Crypto Drainer 🤩Blog : https://research.checkpoint.com/2025/inferno-drainer-reloaded-deep-dive-into-the-return-of-the-most-sophisticated-crypto-drainer ♣️Retail Under Fire: Inside the DragonForce Ransomware Attacks on Industry Giants 🤩Blog : https://www.picussecurity.com/resource/blog/dragonforce-ransomware-attacks-retail-giants ⭐️@APTANALYSIS

♣️Venom Spider Uses Server-Side Polymorphism to Weave a Web Around Victims 💀Blog : https://arcticwolf.com/resources/blog/venom-spider-uses-server-side-polymorphism-to-weave-a-web-around-victims ⭐️@APTANALYSIS

♣️Investigating Iranian Intrusion into Strategic Middle East Critical Infrastructure 🌹PDF  : https://www.fortinet.com/content/dam/fortinet/assets/reports/report-incident-response-middle-east.pdf ⭐️@APTANALYSIS

♣️TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks 💀Blog : https://www.welivesecurity.com/en/eset-research/thewizards-apt-group-slaac-spoofing-adversary-in-the-middle-attacks ⭐️@APTANALYSIS

♣️Crypters And Tools. One tool for thousands of malicious files 💡Part 1 😈Part 2 ⭐️@APTANALYSIS

♣️Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors 👹Blog : https://www.trendmicro.com/en_us/research/25/d/earth-kurma-apt-campaign.html ⭐️@APTANALYSIS

♣️Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie 🐰Blog : https://www.silentpush.com/blog/contagious-interview-front-companies ⭐️@APTANALYSIS

♣️Triada strikes back 🐱Blog : https://securelist.com/triada-trojan-modules-analysis/116380 ⭐️@APTANALYSIS

♣️Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs 🤡Blog : https://blog.talosintelligence.com/introducing-toymaker-an-initial-access-broker ⭐️@APTANALYSIS