https://blog.nviso.eu/2017/10/11/detecting-dde-in-ms-office-documents/
Dynamic Data Exchange is an old Microsoft technology that can be (ab)used to execute code from within MS Office documents. Etienne Stalmans and Saif El-Sherei...
ms officedetectingddedocumentsnviso
https://blog.nviso.eu/2021/10/27/cobalt-strike-using-known-private-keys-to-decrypt-traffic-part-2/
We decrypt Cobalt Strike traffic using one of 6 private keys we found. In this blog post, we will analyze a Cobalt Strike infection by looking at a full packet...
private keyscobaltstrikeusingknown
https://blog.nviso.eu/2021/11/19/kernel-karnage-part-4-interceptormezzo/
To make up for the long wait between parts 2 and 3, we're releasing another blog post this week. Part 4 is a bit smaller than the others, an intermezzo...
kernelpartintermezzonviso
https://blog.nviso.eu/2021/10/21/cobalt-strike-using-known-private-keys-to-decrypt-traffic-part-1/
We found 6 private keys for rogue Cobalt Strike software, enabling C2 network traffic decryption. The communication between a Cobalt Strike beacon (client) and...
private keyscobaltstrikeusingknown
https://blog.nviso.eu/2021/11/17/cobalt-strike-decrypting-obfuscated-traffic-part-4/
Encrypted Cobalt Strike C2 traffic can be obfuscated with malleable C2 data transforms. We show how to deobfuscate such traffic. This series of blog posts...
cobaltstriketrafficpartnviso
https://www.hackthebox.com/blog/customer-story-nviso
NVISO provides a broad spectrum of upskilling opportunities to employees - creating skills pathways in minutes (instead of days) with HTB's enterprise...
enterprise platformnvisostaysthreatready
https://www.security-insider.de/nviso-entdeckt-vshell-backdoor-cyberspionage-a-b7010d90febbea1bb70205078b4dd147/
Nov 27, 2025 - Chinesisches Netzwerk nutzt VShell Backdoor zur Infiltration von über 1.500 Servern weltweit, beeinflusst Behörden, Militär, Gesundheits- und...
nvisobackdoor