New AMSI lifetime bypass, it works by searching for the first byte of each instruction to prevent updates from affecting it, Check it out.
#amsi #redteam #cybersecurity
https://github.com/ZeroMemoryEx/Amsi-Killer
π£ZeroMemoryEx
π@malwr
#amsi #redteam #cybersecurity
https://github.com/ZeroMemoryEx/Amsi-Killer
π£ZeroMemoryEx
π@malwr
GitHub
GitHub - ZeroMemoryEx/Amsi-Killer: Lifetime AMSI bypass
Lifetime AMSI bypass. Contribute to ZeroMemoryEx/Amsi-Killer development by creating an account on GitHub.
Example of buffer overflow in Linux kernel (6.2.0-rc1) with exploit PoC by Davide Ornaghi
(CVE-2023-0179 affecting nftables)
https://seclists.org/oss-sec/2023/q1/20
#Linux #kernel #infosec #cybersecurity #cve
π£0xor0ne
π@malwr
(CVE-2023-0179 affecting nftables)
https://seclists.org/oss-sec/2023/q1/20
#Linux #kernel #infosec #cybersecurity #cve
π£0xor0ne
π@malwr
It's About Time - Timestamp Changes in Windows 11
Good morning,
This episode was originally scheduled for release last month, but the new Windows 11 program execution artifact was a bit more timely and took its place. This episode covers a lot of fundamental Windows timestamp knowledge, plus some important timestamp changes in recent versions of Windows.
Watch Here: https://www.youtube.com/watch?v=c7eUibpy\_XM
For a complete 13Cubed Episode Guide, check out 13cubed.com/episodes.
For even more in-depth content, check out the first official 13Cubed Training Course at **training.13cubed.com**.
π£13Cubed
Nice!
π€CandidTill6
π@malwr
Good morning,
This episode was originally scheduled for release last month, but the new Windows 11 program execution artifact was a bit more timely and took its place. This episode covers a lot of fundamental Windows timestamp knowledge, plus some important timestamp changes in recent versions of Windows.
Watch Here: https://www.youtube.com/watch?v=c7eUibpy\_XM
For a complete 13Cubed Episode Guide, check out 13cubed.com/episodes.
For even more in-depth content, check out the first official 13Cubed Training Course at **training.13cubed.com**.
π£13Cubed
Nice!
π€CandidTill6
π@malwr
π1
Evasion-Escaper: Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successfully.
π£digicat
An interesting blog from the link you shared. Thanks for posting!
π€LeftOnQuietRoad
π@malwr
π£digicat
An interesting blog from the link you shared. Thanks for posting!
π€LeftOnQuietRoad
π@malwr
GitHub
GitHub - vvelitkn/Evasion-Escaper: Evasion Escaper is a project aimed at evading the checks that malicious software performs toβ¦
Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successf...
Desde Chile con Malware (From Chile with Malware): This blog post provides a short update on our ongoing tracking of infrastructure associated with IcedID.
π£digicat
π@malwr
π£digicat
π@malwr
Team-Cymru
Team Cymru: From Chile with Malware - Tech Company Insights
Learn the truth about the "From Chile with Malware" campaign in this insightful blog post from Team Cymru. Discover the real origins of this threat and how it highlights the need for greater cybersecurity awareness.
π€1
Interesting writeup about reverse engineering embedded/IoT devices (MikroTik router) by @hgarrereyn and @__comedian
Blog post: https://margin.re/2022/06/pulling-mikrotik-into-the-limelight/
Slides (RECon): https://github.com/MarginResearch/resources/blob/83e402a86370f7c3acf8bb3ad982c1fee89c9b53/documents/Pulling_MikroTik_into_the_Limelight.pdf
#iot #embedded #mikrotik #routeros #reverseengineering #infosec #cybsersecurity
π£0xor0ne
π@malwr
Blog post: https://margin.re/2022/06/pulling-mikrotik-into-the-limelight/
Slides (RECon): https://github.com/MarginResearch/resources/blob/83e402a86370f7c3acf8bb3ad982c1fee89c9b53/documents/Pulling_MikroTik_into_the_Limelight.pdf
#iot #embedded #mikrotik #routeros #reverseengineering #infosec #cybsersecurity
π£0xor0ne
π@malwr
The VB Conference is a great place to share your research with the security community. Submit your proposals for papers by 5 April for a chance to be part of one of the longest running security conferences in the world. #'vb2023 https://www.virusbulletin.com/conference/vb2023/call-papers/
π£virusbtn
π@malwr
π£virusbtn
π@malwr
BlackBerry has posted a report on a new APT-C-36 (also known as Blind Eagle) campaign, where the threat actor impersonated a Colombian government tax agency to target key industries in Colombia. https://blogs.blackberry.com/en/2023/02/blind-eagle-apt-c-36-targets-colombia
π£virusbtn
π@malwr
π£virusbtn
π@malwr
Quick introduction for reverse engineering beginners to Cutter (Rizin GUI) by @Jacob_Pimental
https://www.goggleheadedhacker.com/post/intro-to-cutter
#cutter #reverseengineering #beginner #infosec
π£0xor0ne
π@malwr
https://www.goggleheadedhacker.com/post/intro-to-cutter
#cutter #reverseengineering #beginner #infosec
π£0xor0ne
π@malwr