Binary Defense Blog

ID: 6a9b10fe-0158-502e-9ec2-79149fcf2ea1

STIX ID: identity--6a9b10fe-0158-502e-9ec2-79149fcf2ea1

Feed Type: skeleton

Earliest post: 2025-08-10

Latest post: 2026-02-27

The Binary Defense Blog delivers actionable threat research, malware analysis, and practical security insights to help defenders detect and respond to evolving cyber threats.

Exclude posts that do not describe a security incident

Classification

Min Pub Date

01/01/2020

Max Pub Date

06/04/2026

Title	Date Published ↓	Describes Incident	Visible
Attackers Went Agentic First	2026-05-27	True	True
Chasing Phantoms: How a Multi-Stage Stealer Abuses…	2026-04-14	True	True
Remote Support to Ransomware Foothold: Stopping a…	2026-04-08	True	True
Windows Defender ACL Blocking: A Silent Technique With Serious Impact	2026-02-27	True	True
When Paychecks Become the Prize: A Deeper Look at…	2026-02-12	True	True
When Access Brokers Go Interactive: ClickFixin’ to Python Your Network	2026-02-06	True	True
Slivering Through The Cracks	2026-02-04	True	True
What Defined Defense in 2025	2026-01-08	True	True
Evolutions in Offensive Toolkits: Phishing	2026-01-08	True	True
DeedRAT: Unpacking a Modern Backdoor’s Playbook	2025-12-30	True	True
GlytchC2: A Bug in the Livestream	2025-11-05	True	True
A Practical Guide to Deobfuscating a Stupidly Long JavaScript Stealer	2025-10-31	True	True
DON’T FREEZE ME OUT, BRO! ARC Labs Technical Analysis of EDR-Freeze	2025-09-22	True	True
United States Postal Service Breached	2025-09-21	True	True
Active Shellshock SMTP Botnet Campaign	2025-09-21	True	True
Petya Ransomware Without The Fluff	2025-09-10	True	True
DefendNot: Turning Windows Defender Against Itself	2025-09-03	True	True
Threat Hunting AWS CloudTrail with Sentinel: Part 2	2025-08-12	True	True
Using Microsoft Sentinel to Detect Confluence…	2025-08-12	True	True
War in Ukraine and Its Impact on Hackers	2025-08-12	True	True
Russia may be Pressing Arrested Cyber Criminals into Service	2025-08-12	True	True
An Updated ServHelper Tunnel Variant	2025-08-12	True	True
The Insider Threat: Why Your Greatest Security Risk…	2025-08-12	True	True
Cyber War: Hackers' Transformation from Cyber Criminals to Hacktivists	2025-08-12	True	True
ThreadSleeper: Suspending Threads via GMER64 Driver	2025-08-12	True	True
4 Tactics to Detect & Contain Emotet’s Latest Evolution	2025-08-12	True	True
A Look at a Novel Discord Phishing Attack	2025-08-12	True	True
Qakbot Strikes Back: Understanding the Threat	2025-08-12	True	True
What is Carding?	2025-08-12	True	True
Threat Hunting AWS CloudTrail with Sentinel: Part 1	2025-08-12	True	True
Technical Analysis: Killer Ultra Malware Targeting…	2025-08-12	True	True
Qakbot Upgrades to Stealthier Persistence Method	2025-08-12	True	True
Third party vendors present a security risk—how your…	2025-08-12	True	True
Shining a Light in the Dark – How Binary Defense…	2025-08-12	True	True
Rhadamanthys Stealer Analysis for Detection Opportunities	2025-08-12	True	True
IcedID GZIPLOADER Analysis	2025-08-12	True	True
Unemployment Fraud on the Rise	2025-08-12	True	True
Understanding Sleep Obfuscation	2025-08-12	True	True
Cybersecurity predictions for 2021 after an unpredictable 2020	2025-08-12	True	True
Attack on a water treatment plant highlights…	2025-08-12	True	True
Mars-Deimos: From Jupiter to Mars and Back again (Part Two)	2025-08-12	True	True
What Do Criminal Hackers and Scammers Discuss on Forums?	2025-08-12	True	True
Cleo MFT Mass Exploitation Payload Analysis	2025-08-12	True	True
Russian Cybercriminal Group Attempts to Steal…	2025-08-12	True	True
Creating YARA Rules Based on Code	2025-08-12	True	True
Hunting and Defeating Evasive Threats	2025-08-12	True	True
Solarmarker: By Any Other Name (Mars-Deimos part 3)	2025-08-12	True	True
Emotet Evolves With new Wi-Fi Spreader	2025-08-12	True	True
Mars-Deimos: SolarMarker/Jupyter Infostealer (Part 1)	2025-08-12	True	True
Analysis of Hancitor – When Boring Begets Beacon	2025-08-12	True	True