
clibm079
@clibm079
Independent Malware Analyst & Researcher, Notes (Philosophy & Poetry) — The Path of Clarity & Poems of Malware Analysis. Blog: http://malwareanalysisspace.blogspot.com
"To truly understand an adversary, you must rise to — or beyond — their depth. Because only depth reveals intent." #CyberSecurity #MalwareAnalysis #APT #NationalLevelAPT #ThreatIntel #ReverseEngineering
⏳💻 Regin: Static Analysis of Its Lightweight VFS Abstraction Layer 🔗 Full report: malwareanalysisspace.blogspot.com/2025/10/regin-… #Regin #Rootkit #VFS #KernelMode #ReverseEngineering #TopTierAPT
McAfee’s Threat Research team uncovers a new Astaroth campaign leveraging GitHub to host malware configurations. Infection starts with a phishing link that downloads a zipped LNK. When executed, it installs Astaroth. mcafee.com/blogs/other-bl…

Interesting FUD 'setup.pkg' @abuse_ch bazaar.abuse.ch/sample/45f9b2a… C2: 151.242.170(.)228 @500mk500 @skocherhan @clibm079


I had some questions about my career and stuff. I'll answer them. 1. I got into programming really young (about 13 years old). I think I was sufficiently skilled to get an entry level programming job as young as 17, but nobody wanted to hire me or take a risk due to my age.…
My positions and pay: Helpdesk: $10.50/hr Computer Technician: $11.50/hr Helpdesk (again): $16/hr Software Engineer: $42,000/yr Software Engineer: $65,000/yr Software Engineer: $90,000/yr Malware Researcher: $165,000/yr Malware Researcher: $350,000/yr My first computer job I…
Wrote a new blog post on defeating string obfuscation in an obfuscated NodeJS malware sample using AST: dinohacks.com/posts/2025/202…
EvilAI exfiltrates browser data and maintains encrypted command-and-control comms, making visibility and response critical. Find out how Trend Vision One™ helps mitigate this threat: research.trendmicro.com/468BdSR
Welcome back Hasherezade (@hasherezade) to our RE//verse review board! Hasherezade, a malware analyst and software engineer from Poland, is known for her impactful work in cybersecurity and reverse engineering. @hasherezade has created several open source tools including PE-bear,…

I have been closely following all identifiable samples of #APT28 for two years now. @s2grupo's @LAB52io group just released a report about #NotDoor backdoor variant: lab52.io/blog/analyzing… You can find the sample in my "usual" place @abuse_ch bazaar.abuse.ch/browse/tag/APT……
Going live with @Amr_Thabet on October 14th to talk about PowerShell persistence (something I see attackers use constantly to stay hidden in environments) 🎙 I’ll share my approach to hunting for these techniques (baseline → spot anomalies → correlate → validate) and forensic…

Excited to share our latest research on APT37(a.k.a ScarCruft, Ruby Sleet, and Velvet Chollima)’s new infection chain and C2 operation: 1⃣ Initial Access: Leveraging LNK and CHM files to deliver Rust-based and PowerShell-based malware. 2⃣ Post-Recon: Deployment of FadeStealer…


'balah.bat' dropper from Australia with 0 detection on VT @abuse_ch bazaar.abuse.ch/sample/e96b197… Drops #QuasarRAT from here: hxxps://raw.githubusercontent(.)com/boucegame/ScamBaiting-Updated/refs/heads/main/ChromeUpdater.exe Domain: amyuni(.)com

'B30c.bat' FUD @abuse_ch bazaar.abuse.ch/sample/f2acb59… Drops: hxxps://seagreen-capybara-853936.hostingersite(.)com/base.ps1 bazaar.abuse.ch/sample/75130de… @skocherhan

It's been a busy week so I almost missed this interesting unfolding story. The newly created GitHub repository "KittenBusters/CharmingKitten" appears to be part of an exposure campaign against the Iranian Advanced Persistent Threat (APT) group Charming Kitten, aka APT35. The…
Akatsuki has gathered 🚨 NEW RESEARCH: How $81M vanished from Iran's largest crypto exchange akatsukilegion.netlify.app/nobitex_breach… Special thanks goes to @ValidinLLC @Huntio for supporting us Researchers: @TIE__SUN @Sh4dow3x3 #ThreatHunting #DFIR #Stealers #Crypto #Blockchain

The new VirusTotal plugin for IDA Pro now integrates Code Insight into your reversing workflow, allowing you to save and use relevant analyses to contextualize other functions. blog.virustotal.com/2025/08/integr…
Part 1: Introduce rootkits and their history and a few example implementations of rootkits and mitigation strategies. Part 2: Introducing two case studies of rootkits found in the wild and hunting skills. I appreciated it; thanks for sharing. @rotemsalinas
Costin Raiu: The GReAT exit interview youtu.be/bUMqkkXj5eA?si… via @YouTube. The security conversations from @ryanaraine and @craiu were intriguing and significant; thanks for sharing. 💙