Affable Kraut

@AffableKraut

Doing cyber stuff. Views are my own and do not reflect those of my employer.

Over There
Joined January 2015

Tweets


  1. Pinned Tweet
    Aug 1, 2019

    Want to learn to hunt for some infrastructure? Then you've come to the right place. Going to walk you through how to do it, from the very start to the end. /thread (probably 30-35 tweets, so hope you're interested)

  2. 1 hour ago

    Think of the time saved each year if Github would improve their search even a little bit. That it is unable to do even the most basic code searches properly is just baffling, let alone thinking I care about the last date it indexed a file, versus when that file was last modified

  3. Jan 31

    Can't decide: normally bypassing auth to log in to an app is bad, but what if you can't really access any data or perform any meaningful actions? Like, it's not optimal, but is it actually bad or does it just make you look dumb?

  4. Retweeted

    Edward Snowden and the Insider Threat - Steven Bay - ESW #170 featuring:

  5. Retweeted
    Jan 29
  6. Retweeted
    Jan 26

    Some didn’t want to use the charging station last year at . Wonder if I would get takers for these?

  7. Retweeted
    Jan 27

    ⚡️Group-IB's Cyber Investigations Team helps take down a responsible for the infection of hundreds of websites all over the world. More details about the operation here->

  8. Retweeted
    Jan 27

    Magento hackers still operate magecart[.]net despite 3 arrests on Dec 20th. File syncdb.exe is actually a text file with stolen UK cards, last modified Jan 7th.

  9. Retweeted
    Nov 26, 2019

    i am truly devastated to announce that the y2k bug is now officially classified as a feature

  10. Retweeted
    Jan 25
  11. Retweeted
    Jan 25

    Indonesian police arrests 3 Magecart hackers who ran skimming operation since 2017. They recently registered "magecart[.]net" for payment interception.

  12. Jan 25
  13. Jan 25

    If you're looking to poke around at that last bit, I'd recommend dropping a breakpoint or debugger; on line 358. The "a" array that is created has interesting stuff in it: 5/5

  14. Jan 25

    Running that creates a second chunk of code, which is here: And here is the prettified version of it with the deobfuscation function prepended: 4/x

  15. Jan 25

    For those interested, here's the code. It's multilayered, with the second layer needing the obfuscation function from the first. Here's a copy of the first layer: 3/x

  16. Jan 25

    Interestingly a version of the skimmer code itself has been seen before. I wrote some details up here: At the end of that thread added some of their infrastructure and linked a tweet from which has even more. 2/5

  17. Jan 25
  18. Retweeted

    Joint press conference by Indonesian National Police & on Operation Night Fury led by INTERPOL’s Desk, sharing the successful arrest of 3 suspects involved in JS-sniffer campaign compromising e-commerce websites to steal credit card or online payment information

  19. Retweeted
    Jan 25

    Spotted new malicious domains inc jquery[.]us & hotjar[.]us in the wild (spoiler: nothing to do with jQuery or Hotjar!). Payloads only delivered under specific circumstances & include code to hide itself to anyone looking for it. Several UK ecommerce sites infected

  20. Jan 25
  21. Retweeted
    Jan 24
