Dissect enables you to go from acquisition of thousands of systems to answering the how, when, and what in a matter of hours. A game changer for incident response teams. Its modular and concise API allows anyone with Python experience to adapt it to their own needs and create output ..
Posted by digicat
Big fat kudos to Fox IT for releasing Dissect as open source. Wonderful contribution to the community.
On GitHub: https://github.com/fox-it/dissect
(comment by mrkoot)
@malwr
GitHub - fox-it/dissect: Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access…
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fo...
Bumblebee: increasing its capacity and evolving its TTPs - Check Point Research
Posted by digicat
@malwr
Bumblebee: increasing its capacity and evolving its TTPs - Check Point Research
Research by: Marc Salinas Fernandez Background & Key Findings The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to its many links to several well-known malware families. In this piece…
Remove All The Callbacks - BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse
Posted by digicat
@malwr
Sophos News
Remove All The Callbacks - BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse
A fresh exploration of the malware uncovers a new tactic for bypassing security products by abusing a known driver vulnerability
DeftTorero TTPs in 2019–2021 - aka Lebanese Cedar, Volatile Cedar - this post focuses primarily on the TTPs used by the threat actor in intrusions between late 2019 and mid-2021 to compromise victims.
Posted by digicat
@malwr
Securelist
DeftTorero TTPs in 2019–2021
In this report we focus on tactics, techniques, and procedures (TTPs) of the DeftTorero (aka Lebanese Cedar or Volatile Cedar) threat actor, which targets Middle East countries.
Security researchers share LockBit 3.0 ransomware technical details and defense tips in a case study.
Posted by Late_Ice_9288
@malwr
LockBit 3.0 Ransomware Case Study: A Huge Cybersecurity Risk | CIP Blog
In this article, we will analyze LockBit 3.0 ransomware attack cases to show you how attacks similar to these cases can be prevented.
What is LockBit 3.0 Ransomware?
LockBit 3.0 (also known as LockBit Black) is ransomware created by the cybercrime syndicate…
API Monitor32 - Detecting Windows API hooking and modification for analysis purposes
Posted by ytk2128
@malwr
GitHub - ytk2128/api-monitor32: A simple tool for detecting memory modifications to Windows API.
A simple tool for detecting memory modifications to Windows API. - ytk2128/api-monitor32
Freeze - a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
Posted by CyberMasterV
@malwr
GitHub - optiv/Freeze: Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative…
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods - optiv/Freeze
Uncovering a Fake Recruiter Scam with OSINT techniques
Posted by smicallef
honestly, can't we all tell this is sus just looking at it? I mean good job on the digging but trust your instincts, luke, this just smells wrong
(comment by BadSausageFactory)
Excellent! Thanks.
(comment by RolandTDeschain)
So.. he like.. identified an incredibly obvious phishing email?
(comment by fuktpotato)
@malwr