Categories: Technologies
Language: English
Subscribers: 3.00K
Description from channel
The latest NEWS about malware, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
Contact: @SirMalware
The latest Messages 6
2022-04-03 10:16:55
RE tip of the day: In kernel mode, the system service dispatcher (aka KiSystemService/KiSystemCall64[Shadow]) is responsible for finding the requested function by its index number (SSN) passed in EAX in the SSDT table.
#infosec #cybersecurity #malware #reverseengineering
re_and_more @malwr
376 views, 07:16
2022-03-29 19:41:23
PlugX: A Talisman to Behold
https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/plugx-a-talisman-to-behold.html
Sent from one of our channel members
@malwr
555 views, 16:41
2022-03-29 19:35:33
Started collecting observed/hardcoded #mutex from various #malware families.
Feel free to send PRs: https://github.com/albertzsigovits/malware-mutex/blob/main/README.md
albertzsigovits @malwr
449 views, edited 16:35
2022-03-29 12:10:23
My favorite IDA shortcut: Ctrl-L lets you powerfully search across all func names & var names!
Want to find everything related to packets? Search it with Ctrl-L.
whtaguy @malwr
392 views, 09:10
2022-03-28 23:46:59
We're hiring for the @Mandiant #AdvancedPractices Research team!
Self-driven defensive- and intel-oriented research
Support Mandiant IRs with research and detection
Codify attacker methodologies
Surface new activity
Great team/mission/data
https://jobs.smartrecruiters.com/Mandiant/743999814012433
matthewdunwoody @malwr
365 views, edited 20:46
2022-03-23 22:41:39
Windows API - Exploring Virtual Memory and the Virtual Memory Management API, by @coder_rc
https://de-engineer.github.io/Understanding-Virtual-Memory-Paging-and-other-memory-related-concepts/
DirectoryRanger @malwr
613 views, edited 19:41
2022-03-21 19:41:22
Threads, Threads, and More Threads http://scorpiosoftware.net/2022/03/21/threads-threads-and-more-threads/
zodiacon @malwr
548 views, edited 16:41
2022-03-21 19:32:08
APT35 Automates Initial Access Using ProxyShell
Initial Access: #ProxyShell
Discovery: net, ipconfig, PowerShell, quser, etc.
PrivEsc: Scheduled Task
Defense Evasion: Real-time Monitoring & WDigest enablement
Credential Access: Comsvcs.dll
https://thedfirreport.com/2022/03/21/apt35-automates-initial-access-using-proxyshell/
TheDFIRReport @malwr
417 views, edited 16:32
2022-03-21 19:18:23
Here is my #QuickNote - Analysis of #Pandora ransomware
https://kienmanowar.wordpress.com/2022/03/21/quicknote-analysis-of-pandora-ransomware/
kienbigmummy @malwr
305 views, 16:18
2022-03-02 13:33:52
ContiLeaks continues to leak data from Conti... they have released source code - the Trickbot Command Dispatcher & Trickbot Data Collector. They have also doxxed one of the developers of Conti.
You can download the Trickbot source code here: https://share.vx-underground.org/Conti/
vxunderground @malwr
162 views, edited 10:33