Channel address:
Categories: Technologies
Language: English
Subscribers: 3.00K
Description from channel:
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
Contact: @SirMalware
The latest Messages 9
2022-02-23 15:27:00
Added 2 PoCs for HackSys Extreme Vulnerable Driver to KernelWritePoCs.
One tries to get SYSTEM with SeCreateTokenPrivilege.
The other tries to get SYSTEM by secondary logon feature with SeCreateTokenPrivilege and SeImpersonatePrivilege.
https://github.com/daem0nc0re/PrivFu#KernelWritePoCs
daem0nc0re @malwr
174 views 12:27
2022-02-23 15:23:44
I wrote an API hook for simple Windows 10 x86 using the Capstone engine
https://github.com/CaptanMoss/API-Hooking-on-Windows10
ereborlugimli @malwr
181 views 12:23
2022-02-17 20:02:56
Blog: Detecting Karakurt – an extortion focused threat actor by NCC Group's Cyber Incident Response Team members - Simon Biggs, Richard Footman and Michael Mullen -
https://research.nccgroup.com/2022/02/17/detecting-karakurt-an-extortion-focused-threat-actor/ #Karakurt
NCCGroupInfosec @malwr
182 views 17:02
2022-02-17 19:55:10
Quick blog tonight on a #Monzo and #Revolut bank #phishing campaign targeting digital-only mobile users
https://blog.bushidotoken.net/2022/02/mobile-banking-phishing-campaign.html
BushidoToken @malwr
178 views 16:55
2022-02-17 19:47:48
Puzzled why a yara rule did or didn't match?
Let me introduce http://yaradbg.dev, a web-based #yara #debugger!
With #YaraDbg, you can see the:
evaluation steps
matched strings
relationship among the rules
DissectMalware @malwr
164 views 16:47
2022-02-17 14:13:10
RE tip of the day: Resolving imports in IDA and notice that for ntdll there are no API names? Save the resolved addresses with "Debugger->Take memory snapshot" and manually load ntdll.dll to the same base using pe_dlls.idc: https://buff.ly/34LlfAX
#infosec #cybersecurity #malware
re_and_more @malwr
190 views 11:13
2022-02-16 21:53:14
I wrote a Binary Ninja UI plugin for exploring Structured Exception Handlers in PEs today
https://github.com/EliseZeroTwo/SEH-Helper
EliseZeroTwo @malwr
114 views 18:53
2022-02-16 19:55:13
Fuzzing sockets: Apache HTTP, Part 3: Results
https://securitylab.github.com/research/fuzzing-apache-3/
kmkz_security @malwr
130 views 16:55
2022-02-16 19:54:15
Woop Woop, good day for #CTI. @MISPProject released v2.4.153 with a lot of fixes and extra features. These new taxonomies are very interesting for state attribution ( and intrusion modeling ( See
https://www.misp-project.org/taxonomies.html#_state_responsibility
digihash @malwr
102 views 16:54
2022-02-16 19:52:52
IDA Free has been upgraded to the latest IDA version 7.7SP1!
This light but powerful tool can quickly analyze the binary code samples and allow users to take a closer look at the results.
Try it out for free https://hex-rays.com/ida-free/
#IDAFreeware #Binaryanalysis #HexRays
HexRaysSA @malwr
112 views 16:52