New URL related to APT28 impersonating EU Agency for the Space Programme.
This time they used tinyurl to redirect the victim to the malicious site.
https://tinyurl[.]com/3wr8xhsb > https://euspa-vacancy[.]firstcloudit[.]com/ > search-ms > download malware from webdav
#BREAKING On January 25th #ESETResearch discovered a new cyberattack in 🇺🇦 Ukraine. Attackers deployed a new wiper we named #SwiftSlicer using Active Directory Group Policy. The #SwiftSlicer wiper is written in the Go programming language. We attribute this attack to #Sandworm. 1/3
The sixth article in the Malware Analysis Series (MAS) is available:
exploitreversing.com/2022/11/24/mal…
The C2 configuration extractor is slightly less trivial than expected.
Thank you @ilfak and @HexRaysSA for supporting and providing me with IDA Pro.
#malwareanalysis #malware
Cobalt Strike, a Defender's Guide - Part 2
➡️In this report we talk about domain fronting, SOCKS proxy, C2 traffic, Sigma rules, JARM, JA3/S, RITA & more.
Big shout-out to @Kostastsale for helping put this together!
thedfirreport.com/2022/01/24/cob…
#Emotet is reborn again! The botnet delivers both malicious documents and payloads from C2 right now. The maldocs for distribution are Excel and Word files. But there is no sign of active spam yet. Don't miss the latest news about #Emotet with ANYRUN! app.any.run/tasks/a6801f1b…
We just added support to crack Windows "Hello" PIN/Password authentication in hashcat! Regarding all technical details, please have a look at this forum thread: hashcat.net/forum/thread-1… Thanks to @tijldeneut and @Banaanhangwagen for all the intense preparatory work
Diagnostician. Author of Diagnomicon. Gang of One. Software Surgeon. Machine Learning and AI for Software Diagnostics and Observability. Generative Debugging.
Tech #Youtuber. Make my day - Sub my youtube channel. Working on some #AmigaBASIC #Freepascal and #QBasic #QB64 #retro mini #games #demos
Global leader in hands-on learning for enterprise and cloud security education. Join 40000+ infosec professionals from 130+ countries
First Private CERT in Europe. Tweets are about vulnerability and cyber threats. Corporate account: @OrangeCyberDef / @OrangeCyberFR GPG KeyID: 0xBD54B276
Hacker. Co-founder/CTO Veracode. Former L0pht security researcher. GenAI Auto-repair of vulns is the future @weld.bsky.social @[email protected]
Technology is increasingly transforming our lives and the way we do business. And when that technology enables progress, ESET is here to protect it.
Husband, Father, #DFIR @ Unit 42, Digital Forensics Discord Admin, AboutDFIR Contributor, Author, #USMC Veteran, Former LE, NHL Fan, Dark Mode, Animals, Music
Father | @LBank_exchange Partner | Experimenting with ideas | I do technical stuff hard to explain | Love you Mom | Nothing is financial advice | DM open 📩 |
Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Malware analysis/Offensive security addict at @Elastic
Private account. All opinions expressed here are mine only (not of my employer etc).
@marcusfitzsimons.bsky.social #ProgressiveAlliance #FBPA #FBPPR #FBPE #FBNHS #ScrapNHSBill #GTTO #Climate #FreePalestine. Be aware: Animal Lover. He him his
"In the beginning the Internet was created. This made a lot of people mad and was widely regarded as a bad move", DFIR enthusiast, personal account