
Malware News

Channel address: @malwr
Categories: Technologies
Language: English
Subscribers: 3.00K
Description from channel

The latest NEWS about malware, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
Contact: @SirMalware

Ratings & Reviews: 2.33 (3 reviews)


5 stars: 0 / 4 stars: 0 / 3 stars: 2 / 2 stars: 0 / 1 star: 1


The latest Messages

2022-04-28 17:29:45
TIL: The Process CommandLine is just the process's own memory, indicated by PEB->ProcessParameters->CommandLine->Buffer. Each process can freely change it and easily fool all tools trying to read such a value. Why does anyone trust it?
0gtweet


101 views (14:29)
2022-04-28 17:01:11 The Elephant Framework being used to attack Ukraine https://businessinsights.bitdefender.com/deep-dive-into-the-elephant-framework-a-new-cyber-threat-in-ukraine
three_cube


109 views (edited, 14:01)
2022-04-28 16:56:39
Part of the #APT Operation GamblingPuppet investigation we presented at #Botconf2022 is now public. It contains analysis of Windows malware families. Expect the slides, full paper with infection vectors, Linux and Mac malware analysis and attribution soon http://research.trendmicro.com/earthberberoka
thehellu


111 views (13:56)
2022-04-28 10:32:12 I'm writing a lab for sansforensics FOR528: Ransomware for Incident Responders in which we analyze some #CobaltStrike beacons. We reference bluscreenofjeff's work. Check it out:

How to Write Malleable C2 Profiles for Cobalt Strike https://bluescreenofjeff.com/2017-01-24-how-to-write-malleable-c2-profiles-for-cobalt-strike/ via bluscreenofjeff
rj_chap


58 views (edited, 07:32)
2022-04-27 22:09:43 Scaling Dumb Fuzzing with Kubernetes
Radare2 is an open-source framework for reverse-engineering and binary analysis.
In this article, you will learn how to run analysis at scale with Radare2, a CI/CD pipeline and Kubernetes.


87 views (19:09)
2022-04-27 18:08:31 After rigorous review of years of historical data, we’ve finally been able to merge #UNC2452 into #APT29 using our organic data. Names matter. Huge kudos to everyone involved

https://www.mandiant.com/resources/unc2452-merged-into-apt29
Wanna_VanTa


144 views (edited, 15:08)
2022-04-27 17:12:57 My new article about the #Bumblebee malware. As always, it's a mix between a step-by-step tutorial and a presentation.
Key parts:
Unique unpacking mechanism
Inline hooks for different purposes + shared code with Trickbot
Copied anti-analysis code
https://elis531989.medium.com/the-chronicles-of-bumblebee-the-hook-the-bee-and-the-trickbot-connection-686379311056
elisalem9


163 views (edited, 14:12)
2022-04-27 17:01:31
Reverse Engineering For Everyone!

This comprehensive set of reverse engineering tutorials covers x86, x64, 32-bit ARM and 64-bit architectures. If you're a newbie looking to learn reversing, or just someone looking to revise some concepts, check it out.

https://0xinfection.github.io/reversing/
0xAsm0d3us


159 views (14:01)
2022-04-27 15:31:21
Finally it dropped! https://ollydbg.de/odbg64.zip
x64dbg


176 views (12:31)
2022-04-26 21:12:05
How We Fuzzed Microsoft Defender for IoT and Found Multiple Vulnerabilities: https://www.sentinelone.com/labs/inside-the-black-box-how-we-fuzzed-microsoft-defender-for-iot-and-found-multiple-vulnerabilities/ (credits: kasifdekel, SentinelOne)

Pwning Microsoft Azure Defender for IoT - Multiple Flaws Allow RCE for All: https://www.sentinelone.com/labs/pwning-microsoft-azure-defender-for-iot-multiple-flaws-allow-remote-code-execution-for-all/
binitamshah


134 views (18:12)