-
Jérôme Segura Retweeted
Seeing lots of #malspam distributing #AgentTesla via Word/Excel combo, followed by PowerShell -> fake image
Subject: eFAX Message from #[0-9]{8}
Payload URL: 107.189.10[.]150/ui/10357780.jpg
Payload hash: 7ca62123dabe70a6419aec5cbb2244a5be224789beaf4f4356b6cea9b29df7a7
pic.twitter.com/hYi5sKyMBq
-
Jérôme Segura Retweeted
Some light relief? A brand new episode of "Smashing Security" is out now: Episode 163 - "Russian heists and Ring wrongs" with special guest @LisaForteUK and a featured interview with @sawaba Enjoy! https://www.smashingsecurity.com/163
-
Jérôme Segura Retweeted
Malspam with #Dridex VBS loader fingerprinting the system.
* IoCs *
Dridex: 635ded83b8e1be3fea6e8899627164f0f983831ce59bb37ddf4a89f86b86b46d
pic.twitter.com/RVRNrRikms
-
Jérôme Segura Retweeted
CERT-FR has published a report on the ransomware threat against companies and institutions: https://www.cert.ssi.gouv.fr/cti/CERTFR-2020-CTI-001/ …
-
Jérôme Segura Retweeted
#Malspam pushing #AgentTesla via CVE-2017-11882 (Equation Editor exploit).
* IoCs *
f440a587d49886b52586d9dfa8f9a17226b612e10e17cb5b09851ee6abdfdf82
windowsfirewallsecurityauthorise.duckdns[.]org/lvc/svch.exe
7984f74486d3ea0408c80b7474d555b4a2fe5cc9982d8468bd3887a8dbef22b7
pic.twitter.com/Yg6NZMmQi5
-
Jérôme Segura Retweeted
Our 2019 Website Threat Research Report is live! Catch up on the latest trends in malware and hacked websites in this detailed analysis: https://sucur.it/30YE65i
#websitesecurity #infosec pic.twitter.com/XwyoA2cd40
-
Jérôme Segura Retweeted
#EKFiddle Version 0.9.5
- New contextual menus and items
- Added @urlscanio as a lookup source
- Added 'Force CORS' option (Rules -> Force CORS)
https://github.com/malwareinfosec/EKFiddle … pic.twitter.com/MCTkDZwIRI
-
Jérôme Segura Retweeted
Following our investigation into the most sophisticated browser locker campaign to date, a large part of the infrastructure (including the stegano server) was taken down. No new browlock observed since 01/23. Ref: https://blog.malwarebytes.com/threat-analysis/2020/01/woof-locker-stealthy-browser-locker-tech-support-scam/ …
#WOOFlocker #browlock #TechSupportScams pic.twitter.com/SIurLCSlSv
-
Jérôme Segura Retweeted
Thanks to data from @ecomscan we were able to see a new digital skimmer/#magecart loader that's starting to be utilized. It's unique enough that it merits some discussion, even if it's also not fully operational. Let's call it the Prototype loader, I guess. pic.twitter.com/xkXXdNQ1SC
-
Jérôme Segura Retweeted
Interested in #threat hunting and making the internet a safer place? We are looking for a passionate threat intelligence #analyst to join our team. Apply here: https://jobs.malwarebytes.com/job/2035502 #ThreatIntel #infosecjobs #hiring pic.twitter.com/GYNQl0CrEi
-
WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation https://blog.malwarebytes.com/threat-analysis/2020/01/woof-locker-stealthy-browser-locker-tech-support-scam/ …
-
Jérôme Segura Retweeted
#Emotet changed Webshells for S.A.P v.2.1. The same code logic is being pushed by the same upstream servers via POST queries. My script emotet_webshell_finder.py has been updated to also find those ones pic.twitter.com/HkgDBTMHzb
-
Jérôme Segura Retweeted
My new blog post with @WeAreConfiant is like a mini highlight reel of some of our favorite findings over the past ~6 months. The focus is on clever #javascript trickery employed by #malvertising groups. https://blog.confiant.com/trending-client-side-innovations-in-malvertising-payloads-914d9f614ed1 …
-
Jérôme Segura Retweeted
The servers pushing the payloads to the infected #Emotet WordPress are running a copy of a deleted Nginx from /tmp/ directory and have ports 31181 (SOCKS) & 31182 (authenticated HTTP Proxy) open, likely to allow forwarding of attackers' queries
-
Jérôme Segura Retweeted
Want to capture network traffic from the new Microsoft Edge (or Google Chrome)? I've published a short video to show how easy it is to capture traffic using the built-in Net Export feature, and how to analyze it using free tools. https://www.youtube.com/watch?v=2RGdZbGgskk …
-
Jérôme Segura Retweeted
#EKFiddle Version 0.9.4.1
- Detection of steganographic payloads and skimmers (disabled by default)
- Added elapsed time when running regexes manually (with the run command)
https://github.com/malwareinfosec/EKFiddle … pic.twitter.com/yrbEKKgbnf
-
Jérôme Segura Retweeted
Interested in threat hunting and making the internet a safer place? We are looking for a threat intelligence analyst to join our team. Apply here: https://jobs.malwarebytes.com/job/2035502
#infosecjobs #ThreatIntel
-
Jérôme Segura Retweeted
#Magecart skimmer stealing from folks donating to Australia's bushfire effort. Skimmer is 'ATMZOW', exfiltration domain vamberlo[.]com was already known. pic.twitter.com/1qwPqSPEQm
-
Jérôme Segura Retweeted
Active #TechSupportScam #browlock hosted on @Azure comes from Google Ads malvertising and cloaking.
Visit the site directly -> normal blog
Visit the site via Google Ad -> browlock
IOCs (all domains to block): https://gist.github.com/MBThreatIntel/8ea3b84c6e9732711b9801828ad05bbc … pic.twitter.com/DNQMlhIMs1
-
Jérôme Segura Retweeted
Research Brain-Dump
Join us for a deep dive into the how’s and why’s of automated malware unpacking.
In this video we discuss how we built UnpacMe! https://youtu.be/FctDptnYukQ