vx-underground
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
Malware defense stuff is boring and I respect these AV and/or EDR nerds so much for working on this stuff.

I've spent the past few days really locking in on developing an ETW consumer and using the YARA static analysis engine in conjunction with it.

It is all documented. It is easy-ish to follow. It all makes sense. Even the more "hardcore" stuff like the kernel mode callback routines and minifilters are handed to you on a silver platter with tons of documentation and examples from Microsoft.

These AV and/or EDR nerds unironically have to spend their days monitoring microscopic potential edge cases for malware evasion and then making a tiny little change in code to account for it. If they don't account for this tiny little potential attack vector they're criticized and insulted endlessly.

Conversely, this tiny line of code they've added burns the hours of research I've placed into developing something.
Malware defense stuff is pretty much just standing by the front door with a really big stick waiting for someone to walk in, bonking them on the head with it, and then throwing their unconscious body back outside ... forever and ever ... until you're dead or retire.
Someone sent me a malware sample they found on Discord. I'll tell you one thing right now, Chat. StealIt is a colossal pain in the fucking ass to reverse engineer.

I was crashing out on Xitter for a second about it. This thing is soooo annoying. It is super evasive because of their GOD DAMN SEA BLOBS AND NODE JS BULLSHIT
RIP Chuck Norris

I'll never forget all the goofy jokes you inspired
Chuck Norris doesn't read books.
He stares them down until he gets the information
November, 2024 weight:
285lbs
129.2kg

March, 2026
226lbs
102.5kg

After my son was born I fell off the weight loss wagon due to sleep deprivation and exhaustion from baby stuff. I got back on it.

I feel a lot better since losing so much weight. Health and science and stuff
Mildly Interesting:

Windows Defender 1.445.674.0 contains logic to detect malware designed to target "AIGen" threats.

It is titled "AIGen.Trojan.ClawHavoc".
> be IT
> new hardware comes in
> need to image 2000 new DELLs
> protect kids from pedos law drops
> id verification at OS level
> enter my ID for 2000 PCs
> FBI raids office building
> everyone arrested
> everyone was using pc with my ID
> all arrested for identity theft
this is how i imagine ID verification at OS level working in enterprise environments. it haunts me (it makes me giggle)
Claude, raise my children. Make no mistakes.
> wake up
> take a shit
> get out of bed
> baby screaming
> see whats wrong
> mad as hell cause hungry
> feed him
> hes eepy
> snuggle him
> headbutts face
> busts my lip
> ow
> calm down
> snuggle him
> rips glasses off my face
> bends my glasses
> laughs in my suffering
> get glasses back
> he shits his pants
> try to clean up
> angry at me because ???
> new fresh diaper on
> holding him
> slaps my face
> tries to put fingers in my nose
> put him down
> crawls to plants
> tries to eat dirt
> take away dirt
> mad as hell because wont let eat dirt
> calm him down
> shits pants again some how
> try to change him
> mad because ???
> rolls around bed
> poop stamps from ass cheeks on bed
> wrestle him
> calm him down
> new diaper again
> put him in walker to prepare breakfast
> runs over my toes
> ow
> pulls spatula off table
> chases dog around kitchen with spatula
> take away spatula
> mad as hell again
> pick him up to calm him down
> kicks me in testicles

anyway, thats been my sunday so far with a 1 year old
Meanwhile in San Francisco: random startup nerd thinks he ran into CEO of YCombinator at Chipotle, was actually just some random Asian guy. Random Asian guy apparently goes along with it. CEO of YCombinator breaks the bad news
Me at BSides doing a talk on cybersecurity
Context:
πŸš¨β€ΌοΈ BREAKING: Crunchyroll breached through outsourcing partner in India.

A threat actor exfiltrated data from Crunchyroll's ticketing system and also managed to pull 100 GB of personally identifiable customer analytics data.

We've analyzed sample data and it includes IP addresses, email addresses, credit card details, and more.

An employee of their outsourcing partner Telus had executed malware on his system, which gave a threat actor access to Crunchyroll's environment.

The threat actor told us the breach happened on March 12, 2026. Crunchyroll revoked their access after 24 hours.

They also said Crunchyroll is ignoring all messages and still hasn't publicly disclosed the breach.
Leonid Radvinsky, founder of MyFreeCams and majority owner of OnlyFans, has died of cancer.