While 21-year-old Jack Teixeira did leak TS/NOFORN documents onto a Minecraft Discord, we at vx-underground believe he and his legal team will be able to invoke the 1999 HARD CHAT ACT.
It is well within his rights to leak government documents to win internet nerd fights.
Tomorrow is the last day to submit content for the vx-underground & SentinelOne malware research challenge.
First place wins a brand new MacBook =D
Link for entry if you'd like to make a last-minute submission: s1.ai/vx-s1/
We've updated the vx-underground Windows malware paper collection
- No Loitering - Exploiting Lingering Vulnerabilities in Default COM Objects
- Early Bird Injection - APC Abuse
- COM Hijacking for Persistence
Check it out here: https://www.vx-underground.org/windows.html
We've had people contact us who have read nearly every single paper in the vx-underground corpus - thousands upon thousands of malware papers.
vx-underground is a malware monastery and we are producing next-generation malware monks.
There have been some updates to the Pompompurin court case.
The United States Magistrate Judge John F. Anderson has authorized the usage of mass victim notification via a case-specific web page on the Eastern District of Virginia website.
tl;dr getting his own webpage
POV: you're talking to someone obsessed with privacy and online anonymity
Lockbit ransomware group has created their first MacOS-based payload. We believe this is the first time a large ransomware threat group has developed a payload for Apple products.
We have samples.
Intel via malwrhunterteam & BrettCallow
Download: https://samples.vx-underground.org/samples/Families/LockBitRansomware/Samples/
Based on the tsunami of information we received:
1. The Lockbit MacOS ransomware is real. Lockbit has confirmed this.
2. People speculate it is incomplete. The MacOS payload is riddled with bugs - including a good ol' buffer overflow.
3. It is Sunday. We'll see you nerds later
Today Microsoft announced they're changing the way they name and label threat groups. The new naming convention now aligns with "the theme of weather".
The new names are absolutely ridiculous and we are having a difficult time taking it seriously
See attached images for examples
We've updated the vx-underground malware collection.
- Virusshare.00466
- Updates to the Redline family
- Updates to the Magniber family
- Updates to the xLoader family
- New family added: Mmon
Check it out here: https://www.vx-underground.org/malware.html
The 3CX supply chain attack was the result of a previously undiscovered X-Trader supply chain attack.
The 3CX CEO wasn't lying about an upstream vendor being the result of the compromise.
tl;dr supply chain attack to supply chain attack
More information: https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise
Google Cloud Blog
3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible…
February 21st, 2023, ALPHV ransomware group informed their affiliates of a new 'product' update.
Their new ransomware variant is named Sphynx.
We've updated the vx-underground malware sample collection. We have added new samples for the following families:
- Nanocore
- AsyncRAT
- NetwireRAT
- AgentTesla
- LokiBot
- Formbook
- CobaltStrike
- NjRat
- Chaos Ransomware
Check it out here: https://samples.vx-underground.org/samples/Families/