Blog

The latest from Swascan: news, stories and events from the company and the Cyber world.

SwiftSlicer: Malware Analysis

SwiftSlicer: Malware Analysis

Important elements of the analysis: Summary INTRODUCTION:……………………………….. 1 STATIC ANALYSIS:…………………………..2 DECOMPILING, DEBUGGING AND DYNAMIC ANALYSIS:……………………………24 References:……………………………42 IOCs.:………………………42 YARA Rule:…………………………..42 CONCLUSIONS:…………………………….42 INTRODUCTION: SwiftSlicer is a new wiper malware, developed by Russian cybercrime groups to attack Ukrainian targets, yet another cyberthreat element that goes hand in hand with the current geopolitical crisis between the two countries. It […]

DISCOVER MORE
BlackCat Ransomware: analysis of the evolution of the threat

BlackCat Ransomware: analysis of the evolution of the threat

Important elements of the analysis:   INTRODUCTION  BlackCat is a ransomware gang of russian origin that began its cybercrime activities in November 2021.   The specific sample under analysis was compiled on 23rd January 2023 and has some different characteristics compared to older BlackCat Ransomware samples. In detail, there is more attention paid to the use of […]

DISCOVER MORE
Lockbit and Babuk Ransomware Data Leaks analysis

Lockbit and Babuk Ransomware Data Leaks analysis

Intro: The evolution of ransomware over the last five years has certainly been characterised by an unprecedented rate of growth and innovation. The transformation of what were almost ‘artisanal’ and not particularly targeted operations into full-fledged online crime franchises has no comparison in this world’s (albeit recent) past. Towards the end of 2022, we witnessed a […]

DISCOVER MORE
Swascan partners with Cloudflare to enhance SoC services

Swascan partners with Cloudflare to enhance SoC services

Swascan partners with Cloudflare to enhance SoC services and bring Cloudflare One Zero Trust solutions to the Italian market Milan XXXX 2022 – Swascan, the innovative Cyber Security company, has announced a new go-to-market partnership with Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet. The two companies […]

DISCOVER MORE
Malware analysis: Babuk Ransomware (mathematical curve analysis)

Malware analysis: Babuk Ransomware (mathematical curve analysis)

In this analysis, the methodology and encryption/decryption algorithm used by a sample of Babuk Ransomware (Linux variant) were considered. Babuk originated in 2021, the gang also known as ‘Vasa Locker’. In April of that year, they had their highest moment of ‘fame’, when the group went so far as to threaten the Metropolitan Police Department […]

DISCOVER MORE
Silent ETH Miner Builder: Malware analysis

Silent ETH Miner Builder: Malware analysis

Author: Fabio Pensa In this analysis it has been taken into consideration the builder of a Silent ETH Miner sample, whichperforms mining operations and it does “process masking” techniques by pointing to terminate somespecific processes which, as we will see next, are related to Process Explorer, Process Hacker, TaskManager and Performance Monitor (to render more […]

DISCOVER MORE
Report: DarkWeb Analysis 2022

Report: DarkWeb Analysis 2022

Today more than ever, the Dark Web is a parallel world on the internet, operating under the premise of greater anonymity and a libertarian philosophy in terms of rules. Obviously, you cannot access the dark web via a simple Google search. You need to use a specialbrowser called TOR, where communication is encrypted and each […]

DISCOVER MORE
Security Advisory: Yeastar N412 and N824 Configuration Panel Account Takeover (CVE-2022-47732)

Security Advisory: Yeastar N412 and N824 Configuration Panel Account Takeover (CVE-2022-47732)

Swascan Offensive Security Team has identified several vulnerabilities during a Penetration Test on Yeastar PBX Configuration Panel series N. After contacting the vendor on multiple occasions no official reply has been issues as of 19/10/2022. Swascan has published this responsible vulnerability disclosure well after the 90-day grace period recommended for this activity. YEASTAR Yeastar is […]

DISCOVER MORE
LockBit 3.0: Decryptor Analysis

LockBit 3.0: Decryptor Analysis

In this analysis, conducted by Soc Team Swascan, the decryptors of “LockBit 3.0” (Windows version) and “LockBit” (Linux variant) were analyzed. This was possible thanks to a leak that appeared in the last few hours on GitHub. Just a few days ago, on September 17, the same Criminal Hacker gang announced that it had awarded […]

DISCOVER MORE
Security Advisory: Inaz Comunication System HEXPERIENCE v8.8.

Security Advisory: Inaz Comunication System HEXPERIENCE v8.8.

Swascan Offensive Security Team has identified 1 vulnerability on Inaz HExperience v8.8.0 application. The vulnerability has been fixed in version 8.9.0. INAZ INAZ is the Italian company specialized in software and solutions for administering, managing and organizing work. It designs, manufactures and markets products, tools and services and continues to do research and innovation, collaborates […]

DISCOVER MORE
Read more