Zoekresultaten
  1. 6 uur geleden

    PROPagate Code Injection Technique Detected in the Wild for the First Time

    4 retweets
  2. 10 uur geleden

    [2018-06-30] -> ->

    1 antwoord 3 retweets 6 vind-ik-leuks
    Deze collectie tonen
    Deze collectie tonen
  3. 17 uur geleden

    2018-06-29 - Data Dump: fake Flash update and -

    13 retweets 22 vind-ik-leuks
  4. 25 jun.

    [2018-06-25] Unknown Campaign -> -> Dropper -> Miner

    1 antwoord 19 retweets 23 vind-ik-leuks
  5. 12 jun.

    Exploit kits: Spring 2018 review. Featuring , , and .

    56 retweets 76 vind-ik-leuks
  6. 25 mei

    adds CVE-2018-8174 (source: ). Blog post updated:

    34 retweets 58 vind-ik-leuks
  7. 16 mei

    Now you can open malicious link in the default browser at without downloading HTML files. Very useful for researching exploits. And it is already available on FREE plans! example:

    3 antwoorden 161 retweets 301 vind-ik-leuks
    Deze collectie tonen
    Deze collectie tonen
  8. 9 apr.

    to then by exploiting Flash vulnerability CVE-2018-4878 (other runs seen by and earlier today) drops . Using Flash 28,0,0,126 and fully patched Win 7 64 bit. 😬 I blogged! Files and such on ->

    4 antwoorden 26 retweets 40 vind-ik-leuks
  9. 9 apr.

    began using CVE-2018-4878🤔😇 (CC: )

    1 antwoord 42 retweets 56 vind-ik-leuks
  10. 14 mrt.

    2018-03-14 - freegogpcgames[.]pro is a fake domain that led to campaign pushing - 53hshshshs[.]info is the gate and was on 46.229.213.39 when I checked - sample:

    2 antwoorden 26 retweets 37 vind-ik-leuks
  11. 12 mrt.

    3-11-2018: -> Landing 92.53.127[.101 (AS9123) Decrypt payload key "uDoW4P6LPK" cmd.exe (char obfuscation/split/XOR) Possible sequence detection on RigEK drops: 'cmd.exe /q /c cd /d "%tmp%"' & 'start wscript //B //E:JScript' Paste: ⚔️

    37 retweets 46 vind-ik-leuks
  12. 1 mrt.

    RT thlnk3r "RT nao_sec: (gate5) -> 92.53.124.205 -> "

  13. 15 feb.

    2-15-2018: via -> banker -> gang's hidden VNC module Tested: exports & hidden session via another explorer.exe 🤔 Hash: 5ae2ad8f0be144ce732badf7dec0a16e Still a formidable weapon for (Demetra) crooks to control a remote PC for carding/ATO 🧐

    57 retweets 53 vind-ik-leuks
  14. 13 feb.

    2018-02-12 - campaign sends - pcap/malware/more info at:

    32 retweets 35 vind-ik-leuks
  15. 30 jan.

    2018-01-30 - sends , follow-up malware: - pcaps/malware/more info at - possibly the campaign but cannot confirm

    2 antwoorden 39 retweets 38 vind-ik-leuks
  16. 29 jan.

    2018-01-29 - Three days of campaign pushing - pcaps/malware samples at: - Wikipedia tells me "Gand" is an Indian slang term for the buttocks, so you might hear me refer to "GandCrab" as "ButtCrab" ransomware.

    3 antwoorden 65 retweets 91 vind-ik-leuks
  17. 19 jan.

    2018-01-19 - Three recent examples of campaign - pcap and malware samples at:

    33 retweets 48 vind-ik-leuks
  18. 17 jan.

    Let's Learn: Dissect Rig Exploit Kit Anti-Bot Filter Gate Malchain: Seamless Gate -> Anti-Bot Filter Gate -> Landing Page -> Flash Exploit CVE-2015-8651 -> Banking Source:

    40 retweets 61 vind-ik-leuks
  19. 11 jan.

    2018-01-11 - (probably the campaign) sends / which grabs - pcap/malware available at:

    38 retweets 59 vind-ik-leuks
  20. 10 jan.

    2018-01-09 - campaign continues using to send - pcap/malware/artifacts at: - also has a recent example at - Thanks to for his help!

    36 retweets 42 vind-ik-leuks

Geen resultaten.

Het laden lijkt wat langer te duren.

Twitter is mogelijk overbelast of ondervindt een tijdelijke onderbreking. Probeer het opnieuw of bekijk de Twitter-status voor meer informatie.