Malware News
@malwr
12.8K subscribers
1.63K photos
7 videos
130 files
7.78K links
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
Download Telegram
About
Blog
Apps
Platform
Join
Malware News
12.8K subscribers
Malware News
Vidar Stealer Malware Analysis
🗣askasmani


🎖@malwr
YouTube
Vidar Stealer Malware Analysis
In this video we will be doing analysis of Vidar Stealer.

Reference great article:

https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-1-(-Unpacking-)/
https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-2/

Malware Download Link: ht…
439 views
Malware News
emailGPT: a quick and easy interface to generate emails with ChatGPT - Phishing/Vishing etc. Enabler
🗣digicat


🎖@malwr
468 views
Malware News
Sigstore The Easy Way
🗣jnazario


🎖@malwr
Rewanthtammana
Sigstore The Easy Way
Software signing just got easier. Sigstore The Easy Way guide is the most straightforward way to geting started with software signing & securing software supply chains.
358 views
Malware News
CVE / NVD doesn’t work for open source and supply chain security - part one, what's wrong
🗣jnazario


🎖@malwr
Linkedin
CVE / NVD doesn’t work for open source and supply chain security - part one, what's wrong
I had to split this article into two parts. Part one describes what I think is wrong and part two, which is coming next week, is a proposed architecture to improve it.
320 views
Malware News
Analyzing Microsoft Word Malware C2 Traffic | TryHackMe Tempest P2
🗣MotasemHa


🎖@malwr
YouTube
Analyzing Microsoft Word Malware C2 Traffic | TryHackMe Tempest P2 | Cyber Security
In this video walk-through, we carried over the second part of TryHackMe Tempest challenge. We covered analyzing malicious traffic and malware execution.
*************
Receive Cyber Security Field Notes and Special Training Videos
https://www.youtube.com…
363 views
Malware News
Using JSON in a New Generic Web Application Firewall Bypass
🗣derp6996


🎖@malwr
Claroty
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF
Team82 developed a generic web application firewall bypass exploiting a lack of JSON syntax support in leading vendors' SQL injection like AWS and Imperva WAF.
374 views
Malware News
Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass
🗣jnazario


🎖@malwr
the-deniss.github.io
Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass
In this post I’ll show Avast self-defense bypass: how I discovered a new undocumented way to intercept all system calls without a hypervisor and PatchGuard triggered BSOD, and, finally, based on the knowledge gained, implemented a bypass
393 views
Malware News
ChatGPT shows promise of using AI to write Malware
🗣simpletonsavant

Can’t we just use AI to save the planet? Ah what am I thinking, of course it will be used to trash it even faster.
👤spamzauberer

What about CoPilot tho??
👤doubleAdLover

The recent news keeps me up at night. I will not use it as an excuse to stop learning cybersecurity though.
👤RemediateRemediate


🎖@malwr
CyberScoop
ChatGPT shows promise of using AI to write malware
Large language models pose a major cybersecurity risk, both from the vulnerabilities they risk introducing and the malware they could produce.
481 views
Malware News
Foreign Information Manipulation Interference (FIMI) and Cybersecurity - The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) & disinfo
🗣digicat

Good, we need more acronyms in this field.
👤Wellidk182


🎖@malwr
www.enisa.europa.eu
Foreign Information Manipulation Interference (FIMI) and Cybersecurity - Threat Landscape | ENISA
ENISA is the EU agency dedicated to enhancing cybersecurity in Europe. They offer guidance, tools, and resources to safeguard citizens and businesses from cyber threats.
401 views
Malware News
Blackhat Europe 2022 materials
🗣digicat


🎖@malwr
Blackhat
Black Hat Europe 2022
375 views
Malware News
Dirty Vanity: A New Approach to Code injection & EDR bypass
🗣digicat


🎖@malwr
362 views
Malware News
Aikido: Turning EDRs to Malicious Wipers Using 0-day Exploits
🗣digicat


🎖@malwr
GitHub
GitHub - SafeBreach-Labs/aikido_wiper
Contribute to SafeBreach-Labs/aikido_wiper development by creating an account on GitHub.
353 views
Malware News
Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass
🗣Gallus


🎖@malwr
the-deniss.github.io
Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass
In this post I’ll show Avast self-defense bypass: how I discovered a new undocumented way to intercept all system calls without a hypervisor and PatchGuard triggered BSOD, and, finally, based on the knowledge gained, implemented a bypass
349 views
Malware News
wafme0w: A new fast Web Firewall fingerprinting tool.
🗣Due_Criticism_2326

I am not Golang developer, but code is ugly.
It has a lot of nested loops. Is it normal?
👤Hot-Vegetable-3507

Can you provide data to back your claims that this is more performant than wafw00f?
👤wntrmut

Hello, I made this fast and concurrent Web Application Firewall fingerprinting tool. Written in Go, it's based on wafw00f. Performance gains are huge.
Any advice is welcome.
Thank you!
👤Due_Criticism_2326


🎖@malwr
GitHub
GitHub - Lu1sDV/wafme0w: Fast and lightweight Web Application Firewall Fingerprinting tool
Fast and lightweight Web Application Firewall Fingerprinting tool - Lu1sDV/wafme0w
395 views
Malware News
SikretaLabs/BlueMap: A Azure Exploitation Toolkit for Red Team & Pentesters
🗣jnazario


🎖@malwr
GitHub
GitHub - SikretaLabs/BlueMap: A Azure Exploitation Toolkit for Red Team & Pentesters
A Azure Exploitation Toolkit for Red Team & Pentesters - SikretaLabs/BlueMap
365 views
Malware News
kleiton0x00/RedditC2: Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.
🗣jnazario


🎖@malwr
GitHub
GitHub - kleiton0x00/RedditC2: Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might…
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit. - GitHub - kleiton0x00/RedditC2: Abusing Reddit A...
397 views
Malware News
Exploiting CORS Misconfigurations
🗣jnazario


🎖@malwr
attack ships on fire
Exploiting CORS Misconfigurations
TL;DR If you can find an unrestricted CORS endpoint, that also responds to the HTTP override headers, then potentially you can use it to access endpoints that aren’t enabled for CORS, bypass CSRF protections, and also deliver an XST (which will give you access…
414 views
Malware News
System profiling that unwinds stack without frame pointers and symbols
🗣digicat


🎖@malwr
Elastic Blog
System profiling that unwinds stack without frame pointers and symbols
Learn how universal profiling and Elastic Observability enables you to unwind stacks without symbols or frame pointers for frictionless, low overhead system profiling.
376 views
Malware News
StealthHook - A method for hooking a function without modifying memory protection
🗣digicat


🎖@malwr
370 views
Malware News
Vulpes: Obfuscating Memory Regions with Timers
🗣digicat


🎖@malwr
353 views
Malware News
Studying “Next Generation Malware” - NightHawk’s Attempt At Obfuscate and Sleep
🗣digicat


🎖@malwr
Suspicious Actor
Studying “Next Generation Malware” - NightHawk’s Attempt At Obfuscate and Sleep
Over the last year and a half, I’ve often seen mentions of a self-proclaimed “next generation malware” of the name NightHawk. Ordinarily, I’d know most of those claims tend to be nothing more than hubris, and choose to ignore it, but, I get bored. As such…
377 views