Given the recent events with VMPSoft DMCA'ing educational YouTube videos demonstrating how to unpack malware protected with VMProtect, we have decided to release a free to use unpacker which works for all versions of VMP 3.x including the most recent version.
Simply sign…
🤓 I was reading the fascinating report from @Volexity about the Nearest Neighbor Attack presented at @CYBERWARCON.
To keep it documented, I created a quick overview to explain how the attack works, to complement their blog post 👇 #threatintel #infosec
My @OrangeCon_nl talk is live!
Elevate your knowledge: From COM Object Fundamentals To UAC Bypasses.
A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC!
youtube.com/watch?v=481SI_…
🎉 #TweetFeed is back! 🎉
After some months, I could bring it back to life again!
Easily grab IOCs shared by the #infosec community at 𝕏 / Twitter:
• URLs
• Domains
• IPs
• SHA256 hashes
• MD5 hashes
All served in a FREE feed or via API.
➡️ tweetfeed.live
New blog post: "The curious case of the 7777-Botnet".
A covert botnet has been used to brute-force Microsoft #Azure logins since June 2022 by abusing the "Microsoft Azure PowerShell" feature. Used to exclusively target C-level employees.
gi7w0rm.medium.com/the-curious-ca…
A question about all "Hells" and "Gates" in the context of x64 direct- and indirect syscalls. Are the following assignments correct? I am not 100% sure, let me know if something is missing or a statement is wrong.
Hell's Gate:
- Uses direct syscalls and retrieves SSN via…
6 months ago, I started working on a way to better map the #ransomware ecosystem and its evolution, including rebrands.🔎
I am really happy to share this handmade cartography, which is based on @orangecyberdef resources, #OSINT and reverse engineering.
➡️ github.com/cert-orangecyb…
A TA going by the handle Spyboy is selling an AV/EDR killer that is allegedly capable of killing almost every AV/EDR on the market.
streamable.com/ys07we
streamable.com/h9n16x
What is the difference between the two URLs?
One has an @ and one doesn't.
But also, the first downloads version 15 of postgres from GitHub, and the second one resolves to a v15 dot zip domain, which also downloads a zip file that sure doesn't have postgres in it.
You see,…
While doing my usual #CTI research stuff, I often find I refer to breach reports by an org's IR team because of their usefulness as case studies and/or TTXs.
So, I threw up a #GitHub repo to collect these types of reports. PRs accepted 👨💻
github.com/BushidoUK/Brea…
Introducing VirusTotal Code Insight: empowering threat analysis with generative AI. This tool is based on Sec-PaLM (LLM) and helps explain the behavior of suspicious scripts. Code Insight is available now for all our users! More details by @bquintero: blog.virustotal.com/2023/04/introd…
Happy Friday everyone! Want a ProcMon for macOS? Ever wish you had your own Endpoint Security client you could task? Want to peer behind the macOS EDR curtain? Have a go and let us know what you think!
github.com/redcanaryco/ma…