
clibm079
@clibm079
Independent Malware Analyst & Researcher, Notes (Philosophy & Poetry) — The Path of Clarity & Poems of Malware Analysis. Blog: http://malwareanalysisspace.blogspot.com
"To truly understand an adversary, you must rise to — or beyond — their depth. Because only depth reveals intent." #CyberSecurity #MalwareAnalysis #APT #NationalLevelAPT #ThreatIntel #ReverseEngineering
Finally, the HyperDbg course is now live at @OpenSecTraining! In this tutorial, I explore the potential of using HyperDbg for enhanced reverse engineering, alongside a lot of hypervisor-based reverse engineering tricks!
📣New #OST2 class!!!📣"Debuggers 3301: HyperDbg"📣 ost2.fyi/Dbg3301 This ~16 hour class (based on average beta tester completion time) by Sina Karvandi @intel80x86 covers his hypervisor-based debugger HyperDbg
Good Morning! Just published a blog post analyzing Hyper-V functionality, design, and key binaries, hvix64.exe (hypervisor), securekernel.exe (secure kernel), and winload.dll (boot-time loader and CPU check). r0keb.github.io/posts/Hyper-V-…
⏳💻 Regin: Static Analysis of Its Lightweight VFS Abstraction Layer 🔗 Full report: malwareanalysisspace.blogspot.com/2025/10/regin-… #Regin #Rootkit #VFS #KernelMode #ReverseEngineering #TopTierAPT
McAfee’s Threat Research team uncovers a new Astaroth campaign leveraging GitHub to host malware configurations. Infection starts with a phishing link that downloads a zipped LNK. When executed, it installs Astaroth. mcafee.com/blogs/other-bl…

Interesting FUD 'setup.pkg' @abuse_ch bazaar.abuse.ch/sample/45f9b2a… C2: 151.242.170(.)228 @500mk500 @skocherhan @clibm079


I had some questions about my career and stuff. I'll answer them. 1. I got into programming really young (about 13 years old). I think I was sufficiently skilled to get an entry level programming job as young as 17, but nobody wanted to hire me or take a risk due to my age.…
My positions and pay: Helpdesk: $10.50/hr Computer Technician: $11.50/hr Helpdesk (again): $16/hr Software Engineer: $42,000/yr Software Engineer: $65,000/yr Software Engineer: $90,000/yr Malware Researcher: $165,000/yr Malware Researcher: $350,000/yr My first computer job I…
Wrote a new blog post on defeating string obfuscation in an obfuscated NodeJS malware sample using AST: dinohacks.com/posts/2025/202…
EvilAI exfiltrates browser data and maintains encrypted command-and-control comms, making visibility and response critical. Find out how Trend Vision One™ helps mitigate this threat: research.trendmicro.com/468BdSR
Welcome back Hasherezade (@hasherezade) to our RE//verse review board! Hasherezade, a malware analyst and software engineer from Poland, is known for her impactful work in cybersecurity and reverse engineering. @hasherezade has created several open source tools including PE-bear,…

I have been closely following all identifiable samples of #APT28 for two years now. @s2grupo's @LAB52io group just released a report about #NotDoor backdoor variant: lab52.io/blog/analyzing… You can find the sample in my "usual" place @abuse_ch bazaar.abuse.ch/browse/tag/APT……
Going live with @Amr_Thabet on October 14th to talk about PowerShell persistence (something I see attackers use constantly to stay hidden in environments) 🎙 I’ll share my approach to hunting for these techniques (baseline → spot anomalies → correlate → validate) and forensic…

Excited to share our latest research on APT37 (a.k.a. ScarCruft, Ruby Sleet, and Velvet Chollima)'s new infection chain and C2 operation: 1⃣ Initial Access: Leveraging LNK and CHM files to deliver Rust-based and PowerShell-based malware. 2⃣ Post-Recon: Deployment of FadeStealer…


'balah.bat' dropper from Australia with 0 detection on VT @abuse_ch bazaar.abuse.ch/sample/e96b197… Drops #QuasarRAT from here: hxxps://raw.githubusercontent(.)com/boucegame/ScamBaiting-Updated/refs/heads/main/ChromeUpdater.exe Domain: amyuni(.)com

🤔 145[.]223[.]124[.]175 88[.]223[.]87[.]97 91[.]108[.]123[.]228 77[.]37[.]55[.]170 147[.]79[.]72[.]219 147[.]79[.]72[.]43 147[.]79[.]72[.]42 147[.]79[.]79[.]216 88[.]223[.]87[.]32 145[.]223[.]124[.]208 147[.]79[.]72[.]229 77[.]37[.]53[.]5 77[.]37[.]83[.]211 147[.]79[.]72[.]163…
'B30c.bat' FUD @abuse_ch bazaar.abuse.ch/sample/f2acb59… Drops: hxxps://seagreen-capybara-853936.hostingersite(.)com/base.ps1 bazaar.abuse.ch/sample/75130de… @skocherhan

It's been a busy week so I almost missed this interesting unfolding story. The newly created GitHub repository "KittenBusters/CharmingKitten" appears to be part of an exposure campaign against the Iranian Advanced Persistent Threat (APT) group Charming Kitten, aka APT35. The…
Akatsuki has assembled 🚨 NEW RESEARCH: How $81M vanished from Iran's largest crypto exchange akatsukilegion.netlify.app/nobitex_breach… Special thanks goes to @ValidinLLC @Huntio for supporting us Researchers: @TIE__SUN @Sh4dow3x3 #ThreatHunting #DFIR #Stealers #Crypto #Blockchain

The new VirusTotal plugin for IDA Pro now integrates Code Insight into your reversing workflow, allowing you to save and use relevant analyses to contextualize other functions. blog.virustotal.com/2025/08/integr…