Nevada Ransomware sample just surfaced on @virustotal #Rust
Sample
https://www.virustotal.com/gui/file/855f411bd0667b650c4f2fd3c9fbb4fa9209cf40b0d655fa9304dcdd956e0808/detection
https://bazaar.abuse.ch/sample/855f411bd0667b650c4f2fd3c9fbb4fa9209cf40b0d655fa9304dcdd956e0808/
Report by @RESecurity
https://www.resecurity.com/blog/article/nevada-ransomware-waiting-for-the-next-dark-web-jackpot
cyb3rops
@malwr
We decide to release something basic & quite simple:
A small tale on Anti-RE: Part 1
https://rixed-labs.medium.com/a-small-tale-on-anti-re-part-1-17a2cf199cf1
Have a good day ahead
RixedLabs
Medium
A small tale on Anti-RE : Part 1
Hey readers, hope everyone is doing pretty decent. After writing the very first blog for this series of exploring anti-reverse engineering…
2023 Global Threat Report from CrowdStrike #APT #cybercrime
pdf:
https://github.com/blackorbird/APT_REPORT/blob/master/summary/2023/CrowdStrike2023GlobalThreatReport.pdf
blackorbird
cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
jnazario
I guess I'm trying to understand the place of this tool. Is this the idea if you don't have an existing TIP feeding you intelligence to source and map things on your own?
asecuredlife
Can someone point me to the benefits of mapping adversary behaviours in the scope of an incident? I always feel like I do this for higher management, rarely for myself in the scope of forensics/incident analysis. What do I miss?
bromomotatata
GitHub
GitHub - cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping…
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. - cisagov/decider
Updated FREE Complete Reverse Engineering Tutorial to include C, C++ and Go
Material_Opinion_321
GitHub
GitHub - mytechnotalent/Reverse-Engineering: A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit…
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures. - mytechnotalent/Reverse-Engineering
Malware Families CheatSheet https://marcoramilli.com/2023/03/02/malware-families-cheatsheet/ by @Marco_Ramilli #malwarefamilies
Seifreed
Marco Ramilli Web Corner
Malware Families CheatSheet
During talks and presentations people often ask me how do I remember so many names, different “artifacts” (a.k.a Malware) and groups. I actually ended up with a “hemmm … wel…
Trend Micro researchers analyse a recent malspam campaign distributing the RedLine stealer and targeting the hospitality industry. https://www.trendmicro.com/en_us/research/23/c/managed-xdr-exposes-spear-phishing-campaign-targeting-hospitalit.html
virusbtn
Malware development: Persistence:
Part 1: Registry run keys. C++ example: https://cocomelonc.github.io/tutorial/2022/04/20/malware-pers-1.html
2: https://cocomelonc.github.io/tutorial/2022/04/26/malware-pers-2.html
3: https://cocomelonc.github.io/tutorial/2022/05/02/malware-pers-3.html
4: https://cocomelonc.github.io/tutorial/2022/05/09/malware-pers-4.html
5: https://cocomelonc.github.io/tutorial/2022/05/16/malware-pers-5.html
6: https://cocomelonc.github.io/tutorial/2022/05/29/malware-pers-6.html
7: https://cocomelonc.github.io/tutorial/2022/06/12/malware-pers-7.html cr @cocomelonckz
binitamshah
cocomelonc
Malware development: persistence - part 1. Registry run keys. C++ example.
ESET researchers analysed a recent Mustang Panda backdoor which is part of an ongoing campaign. MQsTTang (Kumquat) uses the MQTT protocol for C&C communication, one of the benefits of which is that it hides the rest of the infrastructure behind a broker. https://www.welivesecurity.com/2023/03/02/mqsttang-mustang-panda-latest-backdoor-treads-new-ground-qt-mqtt/
virusbtn
"Incident Response in Azure"
#pentest #redteam #infosec
https://invictus-ir.medium.com/incident-response-in-azure-c3830e7783af
CyberWarship
How to break the onlyfans paywall, is it possible?
chamodhb7
The amount of effort required would probably not be worth it. Just pay the fee or go to pornhub for free bro
Packathonjohn
Horny fuck
TheGOATofMinecraft99
Anything is possible if you try hard enough.
Doc-Brown1911
#Fun
Reddit
How to break the onlyfans paywall, is it possible : r/Hacking_Tutorials
231K subscribers in the Hacking_Tutorials community. Hacking Tutorials is a sub where Redditors can post various resources that discuss and teach the…
refinery: High Octane Triage Analysis - The Binary Refinery™ is a collection of Python scripts that implement transformations of binary data such as compression and encryption
digicat
GitHub
GitHub - binref/refinery: High Octane Triage Analysis
High Octane Triage Analysis. Contribute to binref/refinery development by creating an account on GitHub.