Malware News
@malwr
12.8K subscribers
1.63K photos
7 videos
130 files
7.78K links
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
Download Telegram
About
Blog
Apps
Platform
Join
Malware News
12.8K subscribers
Malware News
To dump executable code bytes from PE file, I wrote a small helper tool.
I intend to use this tool for shellcode development, etc.

https://github.com/daem0nc0re/TangledWinExec/tree/main/Misc#peripper
🗣daem0nc0re


🎖@malwr
478 views
Malware News
TrueBot Analysis Part I - A short glimpse into packed TrueBot samples : https://malware.love/malware_analysis/reverse_engineering/2023/02/12/analyzing-truebot-packer.html

Part 2 : Static Unpacker : https://malware.love/malware_analysis/reverse_engineering/2023/02/18/analyzing-truebot-static-unpacking.html credits @lazy_daemon
🗣binitamshah


🎖@malwr
First world cyber problems
TrueBot Analysis Part I - A short glimpse into packed TrueBot samples
424 views
Malware News
Detailed Analysis of Nevada Ranswomware : https://www.resecurity.com/blog/article/nevada-ransomware-waiting-for-the-next-dark-web-jackpot
🗣binitamshah


🎖@malwr
374 views
Malware News
Chatting Our Way Into Creating a Polymorphic Malware : https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
🗣binitamshah


🎖@malwr
363 views
Malware News
Expose Backdoors on the Way : A Feature-Based Efficient Defense against Textual Backdoor Attacks : https://aclanthology.org/2022.findings-emnlp.47.pdf (pdf)
🗣binitamshah


🎖@malwr
364 views
Malware News
TA569: SocGholish and Beyond
🗣digicat


🎖@malwr
Proofpoint
TA569 Threat Actor Overview: SocGholish & Beyond | Proofpoint US
Learn about the TA569 threat actor; known for its deployment of website injections leading to a JavaScript payload known as SocGholish.
351 views
Malware News
How Offensive Action is Countering Ransomware
🗣digicat


🎖@malwr
Intel471
How Offensive Action is Countering Ransomware
A recent law enforcement action against a top ransomware gang shows offense can be a powerful tool to rattle ransomware groups and provide real-time help to victims.
344 views
Malware News
A NATO Minnow Reels From Cyberattacks Linked to Iran - Albania the victim
🗣digicat


🎖@malwr
archive.ph
A NATO Minnow Reels From Cyberattacks Linked to Iran - The New York T…
archived 25 Feb 2023 16:22:10 UTC
341 views
Malware News
MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
🗣digicat


🎖@malwr
GitHub
GitHub - Octoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk - Octoberfest7/MemFiles
399 views
Malware News
PowerShell script to exploit ESC1/retrieve your own NTLM password hash.
🗣digicat


🎖@malwr
Gist
PowerShell script to exploit ESC1/retrieve your own NTLM password hash.
PowerShell script to exploit ESC1/retrieve your own NTLM password hash. - esc1.ps1
423 views
Malware News
Short Guide to Loading Legacy U-Boot Images in Ghidra (How to Determine CONFIG_SYS_BASE_ADDR)
🗣lightgrains


🎖@malwr
411 views
Malware News
New AMSI lifetime bypass, it works by searching for the first byte of each instruction to prevent updates from affecting it, Check it out.
#amsi #redteam #cybersecurity
https://github.com/ZeroMemoryEx/Amsi-Killer
🗣ZeroMemoryEx


🎖@malwr
GitHub
GitHub - ZeroMemoryEx/Amsi-Killer: Lifetime AMSI bypass
Lifetime AMSI bypass. Contribute to ZeroMemoryEx/Amsi-Killer development by creating an account on GitHub.
407 views
Malware News
Example of buffer overflow in Linux kernel (6.2.0-rc1) with exploit PoC by Davide Ornaghi
(CVE-2023-0179 affecting nftables)

https://seclists.org/oss-sec/2023/q1/20

#Linux #kernel #infosec #cybersecurity #cve
🗣0xor0ne


🎖@malwr
386 views