Malware News
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...

Analysis of BlackLotus UEFI bootkit - Bypasses UEFI Secure Boot even on fully updated Windows 11 systems (It brings legit yet vulnerable binaries to the victim system to exploit CVE-2022-21894 & bypass UEFI Secure Boot) : https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/ credits @smolar_m
🗣binitamshah


🎖@malwr
Trend Micro's Daniel Lunghi (@thehellu) details the update that Iron Tiger made to the custom malware family SysUpdate in its latest campaign. The custom malware now includes new features and has added malware infection support for the Linux platform. https://www.trendmicro.com/en_us/research/23/c/iron-tiger-sysupdate-adds-linux-targeting.html
🗣virusbtn


🎖@malwr
cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
🗣jnazario

I guess I'm trying to understand the place of this tool. Is this the idea if you don't have an existing TIP feeding you intelligence to source and map things on your own?
👤asecuredlife

Can someone point me to the benefits of mapping adversary behaviours in the scope of an incident? I always feel like I do this for higher management, rarely for myself in the scope of forensics/incident analysis. What do I miss?
👤bromomotatata


🎖@malwr
Trend Micro researchers analyse a recent malspam campaign distributing the RedLine stealer and targeting the hospitality industry. https://www.trendmicro.com/en_us/research/23/c/managed-xdr-exposes-spear-phishing-campaign-targeting-hospitalit.html
🗣virusbtn


🎖@malwr
ESET researchers analysed a recent Mustang Panda backdoor which is part of an ongoing campaign. MQsTTang (Kumquat) uses the MQTT protocol for C&C communication, one of the benefits of which is that it hides the rest of the infrastructure behind a broker. https://www.welivesecurity.com/2023/03/02/mqsttang-mustang-panda-latest-backdoor-treads-new-ground-qt-mqtt/
🗣virusbtn


🎖@malwr
๐Ÿ‘2
How to break the onlyfans paywall, is it possible?
🗣chamodhb7

The amount of effort required would probably not be worth it. Just pay the fee or go to pornhub for free bro
👤Packathonjohn

Horny fuck
👤TheGOATofMinecraft99

Anything is possible if you try hard enough.
👤Doc-Brown1911

#Fun

🎖@malwr
๐Ÿ˜1