CYBERDUDEBIVASH • ThreatWire Published: October 19, 2025 Why Your Microsoft 365 Login is at Risk: New Phishing Attack Hides in Azure Blob Storage www.cyberdudebivash.com • cyberdudebivash-news.blogspot.com • cyberbivash.blogspot.com • cryptobivash.code.blog https:// contoso .blob.core.windows.net Container: landing Static Website: Enabled SAS Token: ?sv=... index.html → OK login.microsoftonline.com (spoof) htt ps:// contoso.z13.web.core.windows.net /SignIn/ Email or phone Password Sign in → posts creds to C2 HTML smuggling / Redirect Attackers host pixel-perfect Microsoft 365 sign-ins on Azure Blob Static Websites to bo...
Malware Analysis Cheat Sheet (2025) A fast reference for security analysts and incident responders. Updated for 2025 threats and analysis techniques. Focus: Efficiency and rapid identification of key indicators. by Bivash Kumar Nayak Core Stages of Malware Analysis There are three main phases: Static Analysis, Dynamic Analysis, and Reverse Engineering. 1 Static Analysis Examine malware without execution. 2 Dynamic Analysis Observe malware behavior in a controlled environment. 3 Reverse Engineering In-depth code analysis to understand inner workings. 1. Static Analysis: Initial Triage Purpose: Quick overview to identify basic characteristics. File Hashing Identify known malware families using VirusTotal. File Type Identification Determine file type (PE, ELF, Mach- O). Strings Extraction Extract URLs, IP addresses, filenames. Static Analysis: Deeper Dive Purpose: Uncover hidden information and potential functionality. Header Analysis Check import/export tables for suspicious functio...