We’ve just published another great Plugin Focus article! Can Bölük ( @_can1357 ) introduces his NtRays plugin for automated simplification of Windows Kernel decompilation. Read more 🌐 https://hex-rays.com/blog/plugin-focus-ntrays/?utm_source=Social-Media-Post&utm_medium=Twitter&utm_campaign=Plugin-Focus-ntrays
#IDAPro #IDAPython #IDAPlugin #NtRays
🗣HexRaysSA
🎖@malwr
#IDAPro #IDAPython #IDAPlugin #NtRays
🗣HexRaysSA
🎖@malwr
Medusa Ransomware technical analysis report
MedusaLocker ransomware has been active since September 2019. MedusaLocker actors typically access victims’ networks by exploiting vulnerabilities in Remote Desktop Protocol (RDP).
https://link.medium.com/G8YxzhstHzb
ℹ️ Sent from one of our channel members
🎖@malwr
MedusaLocker ransomware has been active since September 2019. MedusaLocker actors typically access victims’ networks by exploiting vulnerabilities in Remote Desktop Protocol (RDP).
https://link.medium.com/G8YxzhstHzb
ℹ️ Sent from one of our channel members
🎖@malwr
Medium
Medusa Ransomware technical analysis report
Hello cybermen, I’m about to present a repo about the Medusa locker
👍3
Check out my writeup on #Vidar #Stealer https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-vidar-stealer 😊
@esthreat
🗣AnFam17
🎖@malwr
@esthreat
🗣AnFam17
🎖@malwr
eSentire
eSentire Threat Intelligence Malware Analysis: Vidar Stealer
Dive deeper into the technical details gathered during eSentire’s Threat Response Unit (TRU) team’s research and threat analysis of the Vidar Stealer…
Sophos researchers look into a recently observed ransomware family dubbed Akira and describe how it was deployed by different actors in two incidents they assisted with. https://news.sophos.com/en-us/2023/05/09/akira-ransomware-is-bringin-88-back/
🗣virusbtn
🎖@malwr
🗣virusbtn
🎖@malwr
Deep & Dark web User Profiling @Mont4na - Mont4na users are professional Access Brokers that sell website vulnerabilities and leaked information from various countries including Korea, and mainly sell database access information and web shell privileges
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
Medium
Deep & Dark web User Profiling @Mont4na
Author: HOTSAUCE (위협탐지팀) | S2W TALON
Did you know you can tell IDA to load additional types for Windows API? See how to do that 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-140-loading-pdb-types/?utm_source=Social-Media-Post&utm_medium=Twitter&utm_campaign=Igor-Tip-140
#IgorsTipOfTheWeek #IDAtips #IDAProTutorials
🗣HexRaysSA
🎖@malwr
#IgorsTipOfTheWeek #IDAtips #IDAProTutorials
🗣HexRaysSA
🎖@malwr
Check Point has published its April 2023 Global Threat Index report: AgentTesla was the most prevalent malware last month, with an impact of 10% worldwide organizations, followed by Qbot with a global impact of 7%, and Formbook with a global impact of 6%. https://blog.checkpoint.com/security/april-2023s-most-wanted-malware-qbot-launches-substantial-malspam-campaign-and-mirai-makes-its-return/
🗣virusbtn
🎖@malwr
🗣virusbtn
🎖@malwr
JPCERT/CC has observed attacks on cryptocurrency exchanges believed to be related to the DangerousPassword attack campaign (aka CryptoMimic or SnatchCrypto). They describe the new attack technique used recently by DangerousPassword. https://blogs.jpcert.or.jp/en/2023/05/dangerouspassword.html
🗣virusbtn
🎖@malwr
🗣virusbtn
🎖@malwr
🚀 Just released an updated Windows API function cheatsheet! 📚💻 Level up your skills in #ReverseEngineering #MalwareAnalysis and more with this comprehensive resource. #WindowsAPI #CheatSheet
🔗 Check it out: https://github.com/snowcra5h/windows-api-function-cheatsheets
🗣snowcra5h
🎖@malwr
🔗 Check it out: https://github.com/snowcra5h/windows-api-function-cheatsheets
🗣snowcra5h
🎖@malwr
GitHub
GitHub - 7etsuo/windows-api-function-cheatsheets: A reference of Windows API function calls, including functions for file operations…
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,...
👍2
Guide to Enterprise Patch Management Planning
Source: NIST
Download Link:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r4.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
🗣JMonteagudoE
🎖@malwr
Source: NIST
Download Link:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r4.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
🗣JMonteagudoE
🎖@malwr
Selena Larson (@selenalarson), Joe Wise (@joewise34) & the Proofpoint Threat Research Team examine major landscape shifts and common tactics, techniques & procedures (TTPs) adopted by a variety of threat actors over the last year. https://www.proofpoint.com/us/blog/threat-insight/crime-finds-way-evolution-and-experimentation-cybercrime-ecosystem
🗣virusbtn
🎖@malwr
🗣virusbtn
🎖@malwr
Excited to have several of our engineers @offensive_con this week! Among them will be @yarden_shafir, who gives us an intro to Windows Notification Facility's (WNF) Code Integrity features in our latest blog post.
https://blog.trailofbits.com/2023/05/16/introducing-windows-notification-facilitys-wnf-code-integrity/
🗣trailofbits
🎖@malwr
https://blog.trailofbits.com/2023/05/16/introducing-windows-notification-facilitys-wnf-code-integrity/
🗣trailofbits
🎖@malwr
Latest Certified Ethical Hacker (CEHv12)
Free resources drive, featuring video lectures, PDF
notes, and practical labs - all at your fingertips!
https://mega.nz/folder/xacxzDxI#wPLPpfdk8m8lCmM-X0BbvQ
🗣khalilApriday
🎖@malwr
Free resources drive, featuring video lectures, PDF
notes, and practical labs - all at your fingertips!
https://mega.nz/folder/xacxzDxI#wPLPpfdk8m8lCmM-X0BbvQ
🗣khalilApriday
🎖@malwr
mega.nz
File folder on MEGA