Sandbox Evasion - Cyber Security Review

Sandbox Evasion - Cyber Security Review

Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape

Posted onMay 1, 2025May 4, 2025

In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. An attacker could create an exploit to escape the App Sandbox without user interaction Read More …

Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis

Posted onApril 16, 2025April 22, 2025

In December 2024, Palo Alto Unit 42 researchers uncovered an attack chain that employs distinct, multi-layered stages to deliver malware like Agent Tesla variants, Remcos RAT or XLoader. Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass Read More …

Out of the Sandbox: WikiLoader Digs Sophisticated Evasion

Posted onJuly 31, 2023August 15, 2023

Proofpoint researchers identified a new malware we call WikiLoader. It was first identified in December 2022 being delivered by TA544, an actor that typically uses Ursnif malware to target Italian organizations. Proofpoint observed multiple subsequent campaigns, the majority of which Read More …

Navigating the Vast Ocean of Sandbox Evasions

Posted onDecember 27, 2022August 14, 2023

When malware authors go to great lengths to avoid behaving maliciously if they detect they’re running in a sandbox, sometimes the best answer for security defenders is to write their own sandbox that can’t easily be detected. There are a Read More …

LATEST ARTICLES

A BEGINNER’S ROADMAP: HOW TO START YOUR AI SOC AGENT IMPLEMENTATION
By Kirsten Doyle
Cyber Security Review online – November 2025

THE PEOPLE BEHIND THE PIXELS: WHY CYBERSECURITY IN CRITICAL INDUSTRIES IS MORE HUMAN THAN EVER
Cyber Security Review online – July 2025

HOW TO MAXIMIZE EXCHANGE SERVER UPTIME? - SOME BEST PRACTICES
Cyber Security Review online – June 2025

KEY METRICS TO TRACK WHEN IMPLEMENTING AI IN YOUR SOC
By Josh Breaker-Rolfe
Cyber Security Review online – December 2024

ACHIEVING DATA SECURITY RESILIENCE WITH DSPM TOOLS
By Katrina Thompson
Cyber Security Review online – November 2024

CYBER SECURITY IN CRITICAL INDUSTRIES: CHALLENGES, SOLUTIONS, AND THE ROAD AHEAD
Cyber Security Review online – August 2024

HOW TO ENGAGE YOUR EMPLOYEES IN SECURITY AWARENESS TRAINING
Cyber Security Review online – April 2024

WHY IMMINENT SEC CYBER RULE CHANGES MEANS CYBER SECURITY LEADERSHIP MUST COME FROM THE VERY TOP
By Miguel Clarke, GRC and Cyber Security lead for Armor Defense
Cyber Security Review online – November 2023

WHAT COULD YOU DO IF YOU KNEW HOW EVERY PIECE OF DATA WAS BEING USED?
By Ross Moore, Cyber Security Support Analyst with Passageways
Cyber Security Review online – October 2023

A BRIEF HISTORY OF DATA LOSS PREVENTION
Cyber Security Review online – July 2023

THE 5 ESSENTIAL CYBERSECURITY AWARENESS TRAINING TIPS FOR A MORE SECURE ENVIRONMENT
Cyber Security Review online – June 2023

THE 8-STEP COMPREHENSIVE CHECKLIST FOR APPLICATION SECURITY IN 2023
Cyber Security Review online – April 2023

THE NETWORK SECURITY CHALLENGE:
Improving Visibility to Defend Against Cyberthreats
By Kev Eley, Vice President Sales UK and Europe at LogRhythm

SWEDEN LAUNCHES EUROPE’S MOST ADVANCED HUB FOR AUTOMOTIVE CYBER SECURITY
Research Institute engages ethical hackers and the latest research in cyber technology to combat spiraling threats to connected vehicles