APC by Schneider Easy UPS Online Monitoring Software vulnerabilities - Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface
🗣digicat
🎖@malwr
Frida 16.0.19 is out! 🎊 We're excited to share that @bezjaje and @hsorbo solved two high-impact reliability issues 🔥
https://frida.re/news/2023/04/27/frida-16-0-19-released/
🗣fridadotre
🎖@malwr
Frida • A world-class dynamic instrumentation toolkit
Frida 16.0.19 Released
Observe and reprogram running programs on Windows, macOS, GNU/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX
Check Point researchers discuss various infection chains and lures used by APT37 in their recent attacks & the resulting payloads of ROKRAT and Amadey. The lures used are largely focused on South Korean foreign and domestic affairs. https://research.checkpoint.com/2023/chain-reaction-rokrats-missing-link/
🗣virusbtn
🎖@malwr
Debugging with IDA: Understanding how user mode API hooks work and how to detect them in IDA.
https://youtu.be/spsRgAKv6SE
🗣allthingsida
🎖@malwr
YouTube
Debugging with IDA: Understanding and detecting API hooks
In this episode, we will do a brief introduction into API hooks (how they work), then we will show how to use IDA to detect the hooks in a live process or a crash dump file.
SentinelOne's Phil Stokes (@philofishal) takes a close look at how macOS Atomic Stealer works and describes a previously unreported second variant. https://www.sentinelone.com/blog/atomic-stealer-threat-actor-spawns-second-variant-of-macos-malware-sold-on-telegram/
🗣virusbtn
🎖@malwr
My colleague Elias Bachaalany (@0xeb) has kept an excellent channel about IDA Pro (@allthingsida) with videos about its advanced features. No doubt, it's worth subscribing and following it.
https://www.youtube.com/@allthingsida
#idapro #reverseengineering
🗣ale_sp_brazil
🎖@malwr
Binary Ninja 3.4 released. They are getting scary good at C++ decompilation. Can't wait for @vector35 to get scary-good at Go, Rust, and other compiled languages https://binary.ninja/2023/05/03/3.4-finally-freed.html
🗣OpenMalware
🎖@malwr
Binary Ninja
Binary Ninja - 3.4: Finally Freed
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
Zero Trust Architecture (NIST Special Publication 800-207)
Download Link in PDF:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
🗣CyberSecOb
🎖@malwr
Security Researcher @BushidoToken shares an overview of the Raspberry Robin (DEV-0856/Storm-0856) USB malware campaign providing access to ransomware operators. https://blog.bushidotoken.net/2023/05/raspberry-robin-global-usb-malware.html
🗣virusbtn
🎖@malwr
Added EA information dumping tool.
https://github.com/daem0nc0re/TangledWinExec/commit/9beabf2ea1bb465aa65421f97e76028d103cddb1
🗣daem0nc0re
🎖@malwr
dracon: Security scanning orchestration and results enrichment framework - The purpose of this project is to provide a scalable and flexible framework to execute arbitrary security scanning tools on code and infrastructure while processing the results in a versatile way.
🗣digicat
🎖@malwr
GitHub
GitHub - ocurity/dracon: Security scanning & static analysis tool - forked and rewritten from @thought-machine/dracon
Security scanning & static analysis tool - forked and rewritten from @thought-machine/dracon - ocurity/dracon
Clean Rooms, Nuclear Missiles, and SideCopy, Oh My! - file is named “DRDO-K4-Missile-Clean-room.zip”.
🗣digicat
🎖@malwr
Fortinet Blog
Clean Rooms, Nuclear Missiles, and SideCopy, Oh My! | FortiGuard Labs
The FortiGuard Labs team highlights threat actors conducting a targeted campaign that takes the time to create a lure relevant enough for the target to pursue.…
Attack trends related to the attack campaign DangerousPassword - continues to carry out attacks against cryptocurrency exchange operators in Japan. This attack group may contact the target from LinkedIn, so be careful when using SNS.
🗣digicat
🎖@malwr
JPCERT/CC Eyes
Attack trends related to the attack campaign DangerousPassword - JPCERT/CC Eyes
Since June 2019, JPCERT/CC has continuously ... the attack campaign Dangerou...