Florian Roth

@cyb3rops

Nextron Systems | Creator of , Valhalla YARA rule feed, Sigma, LOKI, yarGen & much more

Frankfurt, Germany
Joined: June 2013

Tweets

  1. Pinned Tweet
    18 Nov 2019

    I can now issue trial vouchers for our portable multi-platform scanner THOR 10 If you work in or a team, ping me via for a voucher:

  2. 3 hours ago

    Guide on upgrading your SSH keys to Ed25519

  3. Retweeted
    4 hours ago
  4. Retweeted

    This abomination is the regex for validating IPv6 addresses:

  5. 5 hours ago
  6. Retweeted
    21 hours ago

    Need a Reference Architecture? Check out this one showing how technology enables this strategy/access model. Slide 14 of CISO Workshop Module 3

  7. Retweeted
    17 hours ago

    Raytheon engineer arrested for taking US missile defense data to China | ZDNet

  8. 7 hours ago

    RDG Scanner for Vulnerability CVE-2020-0609 & CVE-2020-0610 - multi-threaded - CIDR support

  9. Retweeted

    My Sysmon config sees the shell/open reg key being written, if you want to alert on this. /cc

  10. Retweeted
    29 Jan

    1\ I've written a little compiler to ship ML models as standalone Yara rules, and done proof of concept detectors for Mach-O, RTF files, and powershell scripts. So far I have decision trees, random forests, and logistic regression (LR) working.

  11. Retweeted
    2 Feb

    SettingSyncHost.exe as a LolBin cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo

  12. Retweeted
    1 Feb

    Cutter v1.10.1 released! 🥳 Tomorrow, GitHub will capture and store every repository in an archival facility deep in an Arctic mountain. 🥶🗻 Today, we release a special edition for the benefit of future mankind and other beings 👽 Get it @ Highlights >>

  13. Retweeted
    1 Feb

    My team is reading this book, and some are highlighting portions that I would debate. For example, page 81 discusses "offensive methods" that "become public and disappear." That may be the view of a top tier foreign intelligence organization, but is largely not true for others.

  14. 2 Feb

    ICYMI developed an online tool to convert Sigma rules into the query language of your choice FAQs What if my field values differ from the standard? What if I get too many false positives?

  15. Retweeted
    1 Feb

    2020-01-31: 🇨🇳 Targets Universities👨‍🎓 🔩|XOR Decoder|

        rule apt_win32_winnti_xordec {
            strings:
                $decoder_xor = { 8B C3 C1 E3 10 C1 E8 10 03 D8 6B DB 77 83 C3 13 }
            condition:
                $decoder_xor
        }

    Ref⬇️

  16. Retweeted
    1 Feb

    For those of you using a NV GPU with Volta or Turing chipset, listen up! We hacked our way into the post-48k GPU shared memory region. This improved bcrypt cracking performance by an average of 25%. For instance a GTX2080Ti improved from 42116 H/s to 54770 H/s

  17. 1 Feb

    Sigma rule to detect malware process starts as described in ESET's recent blog post on a campaign against HK universities (derived from sandbox reports - won't share them yet) Sigma Rule Report

  18. 1 Feb

    If you need a name for a new malware, threat group operation or hack tool, check this Imgur gallery with 29 posters showing deities, monsters and heroes of different mythologies

  19. Retweeted
    31 Jan

    Follow Friday on interesting VT Submitter Ids. My first is ec31b410 uploading from Denmark. Examples in this thread

  20. 31 Jan

    Could someone at explain what that VHash is? I find it more and more useful. Is it a secret sauce or something you plan to publish some day?

  21. 31 Jan
