We've updated the vx-underground Windows malware paper collection
- 2022-09-26 - Sacrificing Suspended Processes
- 2023-02-01 - Weird things I learned while writing an x86 emulator
- 2023-02-07 - Lets Make Some OneNote Phishing Attachments
https://www.vx-underground.org/windows.html
Exciting to see search engines implement ChatGPT, or something similar, into their products. It will be exciting receiving disinformation, propaganda, or advertisements from the highest bidders
The United States and United Kingdom have sanctioned Trickbot.
More information: https://home.treasury.gov/news/press-releases/jy1256
U.S. Department of the Treasury
United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang
The United States and United Kingdom issue historic joint cyber sanctions WASHINGTON - Today, the United States, in coordination with the United Kingdom, is designating seven individuals who are part of the Russia-based cybercrime gang Trickbot. This action…
The absolute state of "hack tools". Hahahahaha. Image courtesy of malwrhunterteam
Reddit was breached February 5th - the threat actors were able to exfiltrate internal documents and source code. Reddit confirmed the attack was conducted via a spear-phish.
Reddit is currently doing an AMA regarding the incident:
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
vx-underground
Reddit was breached February 5th - the threat actors were able to exfiltrate internal documents and source code. Reddit confirmed the attack was conducted via a spear-phish. Reddit is currently doing an AMA regarding the incident: https://www.reddit.com/…
We would like to advise companies, of any size or demographic, to not hold public "AMAs" following a breach. The questions and comments presented by users on Reddit are ... interesting... posing questions such as "Why didn't the employee use a password manager?"
Modern day cyber security explained featuring:
- Reddit
- Microsoft (Bing)
- Rockstar Games
- NVIDIA
- Okta
- Uber
- Ubisoft
- Samsung
- Riot Games
We've updated the vx-underground paper collection
- 2022-10-22 - WAM BAM - Recovering Web Tokens From Office
- 2023-02-09 - Transitioning from UM to KM - Extravagant Prick
- 2023-02-10 - Forensic Log-Based Detection of Keystroke Injection BadUSB Attacks
https://www.vx-underground.org/
On February 8th, Avast announced the discovery of a Threat Actor targeting users through DOTA2.
DOTA contained an outdated build of V8 which the Threat Actor exploited through malicious game mods. V8 was not sandboxed.
Incredible read here: https://decoded.avast.io/janvojtesek/dota-2-under-attack-how-a-v8-bug-was-exploited-in-the-game/
Gendigital
Dota 2 under attack: How a V8 bug was exploited in the game
Exploiting V8 in Popular Games
The Windows OS needs to stop forcing updates on users before this man implodes like a dying sun
*Warning: extremely loud, swearing. Don't wanna blow your ear drums:)
The government of Oakland, California, has been hit by ransomware.
Bravo for the full disclosure and not saying this is a "cyber incident".
https://twitter.com/Oakland/status/1624142546946633729
Twitter
The City of Oakland has learned that it was recently subject to a ransomware attack. The Information Technology Department (ITD) is coordinating with law enforcement and actively investigating the scope and severity of the issue.
We've updated the vx-underground malware sample collection.
- Virusshare 0458, Virusshare0459
- 80,000+ unique samples
- All named using Kaspersky naming convention
Check it out here: https://samples.vx-underground.org/samples/Blocks/
Twitter administration have determined making access to the Twitter API exclusively an enterprise privilege to be ... not ideal.
They have implemented free and limited usage which will suffice for our RansomwareNews bot.
tl;dr RansomwareNews bot not going anywhere.
https://twitter.com/RansomwareNews
We've updated the vx-underground Windows malware paper collection. The latest additions demonstrate the following:
- Unhooking NTDLL from Disk
- Unhooking NTDLL from KnownDlls
- Unhooking NTDLL from Remote Server
- Unhooking NTDLL from Suspended Process
https://www.vx-underground.org/
Ransomware but instead of encrypting files and extorting your company, it makes you watch corporate compliance training videos on repeat