Supply Chain Attacks and Nation State Pwnage: A Primer

Last Sunday night, while I was lounging on the couch watching some British Bake Off, I got word of the SolarWinds supply chain hack. After kicking back the last of my whiskey, I immediately got on the phone to start IR at work, cuz, yep, we have SolarWinds too. Who’da thunk it? Anyway, […]

Hancitor Infection Chain Analysis: An Examination of its Unpacking Routine and Execution Techniques

In this article, we describe how Hancitor compromises systems based on its infection chain observed in January and February 2021. We cover its unpacking routine, information gathering and command and control (C2) functions, and payload execution techniques. The malware Hancitor: Hancitor (aka Chanitor) is a downloader which is used to gain initial access to a […]

Dissecting NanoCore Crimeware Attack Chain

The Cybaze-Yoroi ZLab analyzed a new sample of Nanocore Remote Administrator Tools (RAT) using a Delphi wrapper to protect its code. Introduction: Historically, cyber-criminals adopted one or more layers of encryption and obfuscation to lower their footprint and avoid detection. The usage of cryptors and packers has become a commodity in the contemporary malware landscape, providing the […]

What the AMCA Data Breach Teaches Us About Modern Supply Chain Security

The State of Software Security Volume 9 (SOSS Vol. 9) found that the healthcare industry, with its stringent regulations, received relatively high marks in many of the standard AppSec metrics. According to Veracode scan data, healthcare organizations ranked highest of all industries on OWASP pass rate on latest scan, coming in with a rate just […]