Clar3nce Retweeted
New #fuzzing blogpost :) Quick blogpost about how I found an OOM/DoS bug in a famous @npmjs/@nodejs package using coverage-guided #javascript fuzzer.
Fuzzer: Jsfuzz by @fuzzitdev
Target: wasm-parser
Bug: DoS/OOM
https://webassembly-security.com/fuzzing-npm-nodejs-webassembly-parsing-library-with-jsfuzz/ …
#WeAssembly #js #wasm #NodeJS
Clar3nce Retweeted
I found this article to be excellent. From building Windbg Tooling to working exploits. It's a dense and rich read. Really well done. I thought. Introduction to SpiderMonkey exploitation. https://doar-e.github.io/blog/2018/11/19/introduction-to-spidermonkey-exploitation/ …
Clar3nce Retweeted
Here's my PoC for CVE-2020-7980, a script to gain RCE (root level) to some Satellite controllers. https://github.com/Xh4H/Satellian-CVE-2020-7980 …
Clar3nce Retweeted
Interested in learning Windows Kernel exploitation ?
@Synacktiv wrote 3 challenges to help you write your first Windows Kernel shellcodes ! You can already try the first one, or all of them if you're a premium member. https://www.root-me.org/en/breve/New-set-of-challenges-in-Microsoft-Windows-kernel … pic.twitter.com/q8oSwfd5cC
Clar3nce Retweeted
Ahem. We are expecting some royalties from this... https://twitter.com/realDonaldTrump/status/1220821545746141187 …
Clar3nce Retweeted
2020-01-24:


#Buer Loader |
Low Detection #Signed Cert ->
[VAS CO PTY LTD] #DigiCert
Masks as "UBlockPlugin" | x32|64 |
Block C2: 108.62.118 .46:443
Anti-CIS Language Check & Main Flow
h/t @malwrhunterteam Ref -> https://twitter.com/malwrhunterteam/status/1220656579260841984 … pic.twitter.com/aiOfFgRyCm
Clar3nce Retweeted
#ursnif used multi com object to its code. thanks to @JAMESWT_MHT for sharing the sample #malware #re #sample https://twitter.com/JAMESWT_MHT/status/1220378881863057409?s=20 … @JAMESWT_MHT @VK_Intel @felixw3000 @fumik0_ @58_158_177_102 @sugimu_sec @VirITeXplorer @luc4m @James_inthe_box @matte_lodi @0xFrost pic.twitter.com/77TKJc7PHz
Clar3nce Retweeted
#FIN6 | Vitali Kremez diving into the FIN6 “FrameworkPOS”, targeting payment card data from Point-of-Sale (POS) or eCommerce systems. https://labs.sentinelone.com/fin6-frameworkpos-point-of-sale-malware-analysis-internals-2/ … #POS #eCommerce #FrameworkPOS @VK_Intel
Clar3nce Retweeted
2020-01-22:
Pro-
#Gamaredon #APT #Implant Flush DNS |
Excel/Word Macro .NET Interop
Continues Targeting
Ukrainian Law Enforcement & Military
C:\Users\Opolos\source\repos\LoderApp\LoderApp\obj\Debug\Aversome.pdb
C2:masseffect. space
MD5:107010d9e4ff8436f872f17a2b13bbe4 pic.twitter.com/vo5J0T6uGW
Clar3nce Retweeted
2020-01-22:


#Dridex Banker |
#EvilCorp Group & Offshoots
Module:
"vnc_x32|64.dll"
VncStart|StopServer
Activating Inject Function via VNC Redirection |
"VNC is starting your browser..."
Remote Connect for #Fraud/Account Takeover
Re-Used #Carberp/#ISFB VNC Module pic.twitter.com/6VqRwUZi4z
Clar3nce Retweeted
Dustman APT: Art of Copy-Paste, https://swapcontext.blogspot.com/2020/01/dustman-apt-art-of-copy-paste.html … pic.twitter.com/8cz3JV2XMG
Clar3nce Retweeted
2020-01-15:

#Malware ITW:
'#Million' Loader Project | 'millionware' Node.js
Seems to be Active/In Development
C2: 178.32.201. 225
Logging:
[*] connected
[>] sending handshake
...
[>] requesting/receiving new loader
h/t @malwrhunterteam Ref
https://twitter.com/malwrhunterteam/status/1217489385354121217 … pic.twitter.com/qoyx7759b1
Clar3nce Retweeted
2020-01-15:


#Dridex Loader 'ldr.exe' | Botnet ID "40300"
Conf (0x04):
{
104.131.41.185:443
178.62.75 .204:1443
138.201 .138.91:3389
62.75.191 .14:3389
}
Stay Safe
Dridex Seems Extremely Active Now in Distro Mode
https://twitter.com/James_inthe_box/status/1217481969581219840 …
h/t @James_inthe_box pic.twitter.com/jfYYdqBoEi
Clar3nce Retweeted
2020-01-15:


#TrickBot #Loader #Signed Cert ->
[MONT-DMD d.o.o.] #Sectigo Same Crypter New
Added "foldhelper" Windows 10 UAC bypass by hijacking a special key in the Registry
Focuses More & More on Windows 10
MD5:18A19C324963BB69A492ACCF4E9A7600
h/t @malwrhunterteam pic.twitter.com/fvwbNk4CUJ
Clar3nce Retweeted
Nemty Ransomware - Control Panel - Paying a ransom merely incentivizes future ransomware attacks by financing the attackers and proving that victims will pay ...
#NotPay

pic.twitter.com/maurJaxMXj
Clar3nce Retweeted
2020-01-14:

#Dridex Banker #Loader 'lrd.exe' | Botnet ID "10222"
Spam Theme: @QuickBooks Invoice -> Watch Out
December 29 Build
Same "[ERR] Heap corrupted" Fake Error
Dridex Top Cybercrime Enterprise Going Strong in 2020
h/t @cocaman Link: https://app.any.run/tasks/0d3e540e-4f8b-4d20-a1e2-dc89332372b6/ … pic.twitter.com/cIPylY1rlr
Clar3nce Retweeted
This project was built in order to practice my C++ skills. A simple POC for process injection using NtCreateSection, NtMapViewOfSection and RtlCreateUserThread. https://github.com/panagioto/Mimir
Clar3nce Retweeted
CCT ZbotScan as VT graph: https://www.virustotal.com/graph/embed/gf288663e9d4245c7b8384b9ab36b64f41b58a7df62a145e3ad643bfe140ffb02 … with some additional details related to Microsoft citadel sinkhole operation (warning: heavy graph) pic.twitter.com/iGIBGasm9K
Clar3nce Retweeted
A nice analysis of an NTCrypt PE crypter from
#reverseengineering #itsec #hacking #cybersec #malware @ReversingLabs @ap0x https://blog.reversinglabs.com/blog/the-hunt-for-ntcrypt-exposing-a-malicious-packer …