Most red-team artifacts ship through a build pipeline of three or four tools chained together: a C compiler for the source, a linker, a position-independence transform like DonutGen or sRDI, plus ...
I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...
IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...
IntroductionIn May 2025, Zscaler ThreatLabz discovered CVE-2025-50165, a critical remote code execution (RCE) vulnerability with a CVSS score of 9.8 that impacts the Windows Graphics Component. The ...
We publish the best academic work (that's too often lost to peer reviews & the TA's desk) to the global tech community (1) Domenico Cotroneo, University of Naples Federico II, Naples, Italy; (2) ...
For years, the Middle East has maintained its reputation as a fertile ground for advanced persistent threats (APTs). In the midst of routine monitoring of suspicious activities on the systems of ...
As we reported in earlier blog posts, the threat actor NOBELIUM recently intensified an email-based attack that it has been operating and evolving since early 2021. We continue to monitor this active ...
ms17_vuln_status.cpp - This program sends 4 SMB packets. 1 negotiation, 1 session setup, 1 tree connect and 1 TransNamedPipe request. This program then reads the NT_STATUS response from the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results