5 of the top programming languages for cybersecurity
While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles
https://www.welivesecurity.com/en/secure-coding/5-top-programming-languages-cybersecurity/
🎖@malwr
While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles
https://www.welivesecurity.com/en/secure-coding/5-top-programming-languages-cybersecurity/
🎖@malwr
Welivesecurity
5 of the most popular programming languages in cybersecurity
While not all roles in security demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles.
Newly Discovered APT Attacker AtlasCross Exploits Red Cross Blood Drive Phishing for Cyberattack
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Warning: Newly Discovered APT Attacker AtlasCross Exploits Red Cross Blood Drive Phishing for Cyberattack - NSFOCUS, Inc., a global…
NSFOCUS Security Labs recently discovered a new APT attacker named AtlasCross, who uses two new Trojan programs and many rare attack techniques and tactics for attack activities.
Malware News pinned «Guys with premium telegram account, boost please: https://t.me/malwr?boost»
How to Improve Cybersecurity Awareness and Training
Bill Malik, former Research Director at Gartner, discusses how to leverage the Capability Maturity Model to create an effective awareness program.
https://www.trendmicro.com/en_us/ciso/23/i/improve-cybersecurity-awareness-training.html
🎖@malwr
Bill Malik, former Research Director at Gartner, discusses how to leverage the Capability Maturity Model to create an effective awareness program.
https://www.trendmicro.com/en_us/ciso/23/i/improve-cybersecurity-awareness-training.html
🎖@malwr
Trend Micro
How to Improve Cybersecurity Awareness and Training
Bill Malik, former Research Director at Gartner, discusses how to leverage the Capability Maturity Model to create an effective cybersecurity awareness and training program.
Malicious ad served inside Bing's AI chatbot
https://www.malwarebytes.com/blog/threat-intelligence/2023/09/malicious-ad-served-inside-bing-ai-chatbot
🎖@malwr
https://www.malwarebytes.com/blog/threat-intelligence/2023/09/malicious-ad-served-inside-bing-ai-chatbot
🎖@malwr
Malwarebytes
Malicious ad served inside Bing’s AI chatbot
In February 2023, Microsoft disclosed its new AI-assisted search engine, Bing Chat, powered by OpenAI’s GPT-4. Even though Google has been...
JonMon: a collection of open-source telemetry sensors designed to provide users with visibility into the operations and activity of their Windows systems. JonMon has a kernel-level driver component, which is designed to collect information related to system operations such as process creation etc.
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
GitHub
GitHub - jsecurity101/JonMon
Contribute to jsecurity101/JonMon development by creating an account on GitHub.
Hacking with Havoc C2 - Basic setup, installation, usage, and Windows Defender Bypass
Check out this video posted on Gemini Cyber Security Youtube channel, whereby the setup and installation step-by-step guide is demonstrated in the video. The video also showcases basic usage of the Havoc C2 tool, such as setting up a listener and generating payload for it.
As a bonus, it was also demonstrated how you can bypass the latest Windows Defender by utilising the shellcode format of the Havoc C2 payload (Demon agent) and executing the shellcode using AES encryption with a .DLL loader.
https://www.youtube.com/watch?v=DXJNWiZJGko
🗣cybermepls
🎖@malwr
Check out this video posted on Gemini Cyber Security Youtube channel, whereby the setup and installation step-by-step guide is demonstrated in the video. The video also showcases basic usage of the Havoc C2 tool, such as setting up a listener and generating payload for it.
As a bonus, it was also demonstrated how you can bypass the latest Windows Defender by utilising the shellcode format of the Havoc C2 payload (Demon agent) and executing the shellcode using AES encryption with a .DLL loader.
https://www.youtube.com/watch?v=DXJNWiZJGko
🗣cybermepls
🎖@malwr
YouTube
Havoc C2 Framework - Setup Demonstration with Windows Defender Bypass
Be better than yesterday -
This video provides a step-by-step guide on how to install the infamous Havoc C2 framework tool on a fresh Kali Virtual Machine with VMWare Workstation Player from scratch.
The video further provides a practical hands-on demonstration…
This video provides a step-by-step guide on how to install the infamous Havoc C2 framework tool on a fresh Kali Virtual Machine with VMWare Workstation Player from scratch.
The video further provides a practical hands-on demonstration…
APT34 Deploys Phishing Attack With New Malware
We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.
https://www.trendmicro.com/en_us/research/23/i/apt34-deploys-phishing-attack-with-new-malware.html
🎖@malwr
We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.
https://www.trendmicro.com/en_us/research/23/i/apt34-deploys-phishing-attack-with-new-malware.html
🎖@malwr
Trend Micro
APT34 Deploys Phishing Attack With New Malware
👍2
2023-09-28 - IcedID (Bokbot) infection with Keyhole VNC and Cobalt Strike
https://www.malware-traffic-analysis.net/2023/09/28/index.html
🎖@malwr
https://www.malware-traffic-analysis.net/2023/09/28/index.html
🎖@malwr
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
While analyzing a Lazarus attack luring employees of an aerospace company, ESET researchers discovered a publicly undocumented backdoor
https://www.welivesecurity.com/en/eset-research/lazarus-luring-employees-trojanized-coding-challenges-case-spanish-aerospace-company/
🎖@malwr
While analyzing a Lazarus attack luring employees of an aerospace company, ESET researchers discovered a publicly undocumented backdoor
https://www.welivesecurity.com/en/eset-research/lazarus-luring-employees-trojanized-coding-challenges-case-spanish-aerospace-company/
🎖@malwr
Welivesecurity
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
ESET researchers uncover a Lazarus attack against an aerospace company in Spain, where the group deployed several tools, including a publicly undocumented backdoor we named LightlessCan.
❤1
RetrievIR - PowerShell script to assist DFIR teams with the collection of live-system evidence
🗣panscanner
Hey everyone - posting a new tool I've been working on to help blue team operators capture evidence from live systems - most operations are described in the readme, most common use-case is likely running RetrievIR.ps1 from an administrative prompt like 'retrievir.ps1 -tags sans_triage' - this will capture most artifacts described in the KAPE SANS Triage package.
Please let me know if there are any questions/feedback! It is still a WIP but very much functional - I created this because I love KAPE but the enterprise license sometimes holds me back from using it in certain situations. I am also working on the ingestion of tkape configuration files.
👤panscanner
🎖@malwr
🗣panscanner
Hey everyone - posting a new tool I've been working on to help blue team operators capture evidence from live systems - most operations are described in the readme, most common use-case is likely running RetrievIR.ps1 from an administrative prompt like 'retrievir.ps1 -tags sans_triage' - this will capture most artifacts described in the KAPE SANS Triage package.
Please let me know if there are any questions/feedback! It is still a WIP but very much functional - I created this because I love KAPE but the enterprise license sometimes holds me back from using it in certain situations. I am also working on the ingestion of tkape configuration files.
👤panscanner
🎖@malwr
GitHub
GitHub - joeavanzato/RetrievIR: PowerShell script designed to help Incident Responders collect forensic evidence from local and…
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices. - joeavanzato/RetrievIR
A Call To Action: Building the Cyber Workforce the Nation Needs | ONCD | The White House
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
The White House
A Call To Action: Building the Cyber Workforce the Nation Needs
By Kemba Walden, Acting National Cyber Director October is Cybersecurity Awareness Month and I’d like to reflect on our collective responsibility to defend our country, serve our communities, and protect our families. Digital technologies today touch nearly…