Open-Source Remote Access Trojan Targets Armenian Airport and State Institutions - from Sept 22
🗣digicat
🎖@malwr
CyberHUB-AM
Open-Source Remote Access Trojan Targets Armenian Airport and State Institutions - CyberHUB-AM
Threat-researchers at CyberHUB-AM, with the support from Internews’ Martijn Grooten, are tracking […]
Strengthening Your Defense Against IdP (Identity Provider) Attacks: Leveraging Google Workspace Admin Logs - pay to play in some cases
🗣digicat
🎖@malwr
Medium
Strengthening Your Defense Against IdP (Identity Provider) Attacks: Leveraging Google Workspace…
In recent times, identity service provider (IdP) attacks have surged, impacting even major providers like Okta, Cloudflare, and Microsoft…
Critical Vulnerabilities in Progress Software WS_FTP Server - exploitable with a single HTTPS POST request and a pre-existing ysoserial.net gadget - exploitation observed
🗣digicat
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 vendor advisory
👤digicat
https://x.com/MCKSysAr/status/1707855204647899194?s=20 < claimed exploit PoC
👤digicat
https://censys.com/cve-2023-40044/
👤digicat
🎖@malwr
Rapid7
Critical Vulnerabilities in WS_FTP Server | Rapid7 Blog
Sub7 source code released - an old code but it checks out
🗣digicat
Fond memories 🥳
👤castleinthesky86
🎖@malwr
GitLab
illwill / Sub7 · GitLab
Source code for SubSeven 2.1.3
Visual Studio Code: embedded reverse shell and how to block, create Sentinel Detection, and add Environment Prevention — well more like ideas and concepts
Little summary I did when I worked on securing my lab/home network.
https://medium.com/@truvis.thornton/visual-studio-code-embedded-reverse-shell-and-how-to-block-create-sentinel-detection-and-add-e864ebafaf6d
🗣thattechkitten
🎖@malwr
Medium
Visual Studio Code: embedded reverse shell and how to block, create Sentinel Detection, and add Environment Prevention — well more…
UPDATE: Looks like MS released GPO controls finally: https://learn.microsoft.com/en-us/azure/developer/dev-tunnels/policies
What is the term used to describe the process of reverse-engineering malware to understand its inner workings?
Final Results:
- Sandboxing: 27%
- Decompilation: 59%
- Obfuscation: 11%
- Code Injection: 3%
NetworkMiner 2.8.1 Released
I am happy to announce the release of NetworkMiner 2.8.1 today! This new release brings a VNC parser to NetworkMiner, so that screenshots, keystrokes and clipboard data can be extracted from unencrypted VNC traffic. NetworkMiner 2.8.1 additionally includes parsers for command-and-control (C2) protoc...
https://www.netresec.com/?page=Blog&month=2023-10&post=NetworkMiner-2-8-1-Released
🎖@malwr
Netresec
NetworkMiner 2.8.1 Released
I am happy to announce the release of NetworkMiner 2.8.1 today! This new release brings a VNC parser to NetworkMiner, so that screenshots, keystrokes and clipboard data can be extracted from unencrypted VNC traffic. NetworkMiner 2.8.1 additionally includes…
fit: FIT is a Python3 application for forensic acquisition of contents like web pages, emails, social media, etc. directly from the internet.
🗣digicat
🎖@malwr
GitHub
GitHub - fit-project/fit: FIT is a modular suite of Python applications for digital forensic acquisition of online contents such…
FIT is a modular suite of Python applications for digital forensic acquisition of online contents such as web pages, emails, social media, and more. Each module can run independently or as part of ...
Infección en sitio web de e-commerce chileno - Infection on Chilean e-commerce website - after generating a connection to binance to be able to read a “smart contract”, you must execute whatever comes as a response through the “eval” method.
🗣digicat
🎖@malwr
FINSIN
Infection on Chilean e-commerce website
By pure luck, while visiting a Chilean e-commerce site, I came across a strange popup that took me through a series of redirects and led me to discover that the site had been compromised …