Henrik Falk April 09, 2026
How to build .NET obfuscator - Part 1
This would be short series on how to build .NET obfuscators. The techniques is somewhat similar for other languages, but I will choose that one which I know the best.
Андрій-Ка
Hooked on Linux: Rootkit Detection Engineering
We begin by showing why static detection is often unreliable against Linux rootkits, even when binaries are only trivially modified, and then move on to behavioral and runtime signals that defenders can use instead. From shared object abuse and LKM loading to eBPF, io_uring, persistence, and defense evasion, this article focuses on practical ways to detect and investigate rootkit activity in real environments.
www.elastic.co/security-labs/linux-rootkits-2-caught-in-the-act
Qilin EDR killer infection chain
This blog provides an in-depth analysis of the malicious “msimg32.dll” used in Qilin ransomware attacks, which is a multi-stage infection chain targeting EDR systems.
Cisco Talos Blog
