We're extremely busy. We have papers and samples in queue. They will be addressed when we can get to them. In the meantime we will continue flooding Telegram with memes, or something, whatever.

Have a nice day.

We are giving away 1 free ticket BlackHat USA 2023.

Please see our Twitter post for details

https://twitter.com/vxunderground/status/1666525598053814285

Daixin ransomware group compromised the Columbus Regional Healthcare System (a non-profit), deleted backups, exfiltrated data, ransomed the facility, and began disclosing sexual harassment complaints.

Information via @BrettCallow via DissentDoe

It appears Russian IP addresses can now exist beyond the 32bit address space of IPv4 addresses.

Incredible technology. Wow.

For those that don't understand: it is someone trying to phish us. The people trying to phish do not understand that IPv4 addresses cannot exceed 255*

Today ALPHV ransomware group listed Coca Cola FEMSA on their victim page.

Coca Cola FEMSA is the largest franchise bottler of Coca Cola located in Mexico City, Mexico.

It is NOT the Coca Cola company headquartered in Atlanta, Georgia.

Some dork on Reddit found this outside in Washington D.C.

Someone has got to teach the people of tomorrow to stop littering!

Ted Kaczynski, the American terrorist nicknamed "The Unabomber" died today.

Hello,

We are behind on ALL of our scheduled projects. Apologies for the frequent delays.

vx-underground is not our full time jobs and personal matters must take priority over internet nerd stuff.

Work will accelerate in July.

Bunchs of love, xoxo ♥️♥️

A visual demonstration explaining the current threat landscape

How to properly stretch your computer before coding:

Reddit nerds and moderators are protesting the API price increase. Thousands of subreddits have been switched to private from subreddit moderators.

Reddit executives seemed to have forgotten their revenue stream is from users. If they have no users, they have no income.

Monoxide x64 wiper virus footage.

Footage recorded on a VM via LaurieWired

Sha256 hash: ae9405b9556c24389ee359993f45926a895481c8d60d98b91a3065f5c026cffe

Today the United States Senate Committee of the Judiciary are speaking with Directors from the NSA, CIA, and FBI regarding warrantless searches and unauthorized access of resources of United States civilians including phone calls, text messages, and more.

https://www.judiciary.senate.gov/oversight-of-section-702-of-the-foreign-intelligence-surveillance-act-and-related-surveillance-authorities

Right off the bat the NSA Deputy Director George Barnes mentions the Colonial pipeline and ALPHV ransomware group.

Today the US Senate Committee of the Judiciary sat down with Directors from the NSA, CIA, FBI, and DoJ.

The committee unveiled last month, May 2023, the FBI conducted over 278,000 warrantless searches on United States citizens - accessing phone calls, text messages, and e-mails.

Only 19,000 were valid. The Senate Committee believes the remaining 259,000 were violations of the 4th amendment.

The FBI allegedly monitored individuals tied to Russia, ISIS, ransomware groups, China, and Black Lives Matter.

We've updated the vx-underground Windows malware paper collection

- 2023-06-05 - Demonstrating how to kill EDR processes using a driver
- 2019-08-12 - Windows Process Injection via KnownDlls Cache Poisoning

Check it out here: https://www.vx-underground.org/windows.html

Sometime in 2019 Lockbit ransomware group began referring to themselves as "post-paid-pentesters". They claimed they are beneficial to companies because they illustrate flaws in their security posture.

The new rapidly evolving 8Base ransomware group makes this same argument.