All articles tagged as:


Reviewing the APT32 phishing malware

This week, FireEye released an awesome review into APT32 (aka OceanLotus). The full writeup of their analysis can be found on FireEye's site here, and is certainly worth a read if you are interested in the evolving world of APT and attribution. One of the things I found interesting about this group was their use of "off the shelf" open source tools and techniques, often associated with commercial red-team engagements. So of course I was curious to see exactly how these tools were being deployed within the initial stages of a campaign. What follows is a brief review of the initia…

Read more »