Maʁsɛl

@marcelmalware

🐈. "Independent" malware researcher and Threat Hunter.

Joined May 2017.

Tweets

  1. Pinned Tweet
    Oct 8, 2019
  2. Retweeted
    Jan 29

    Need a SOC Reference Architecture? Check out this one we put together to show how Microsoft technology integrates into a SOC. Slide 73 of Azure Security Compass -

  3. Retweeted
    Jan 29

    How to Red Team #1 - A twitter red team mind map Need credentials from the outside? 1. OSINT (Find e-mail/PII) 2. Social Engineer (Trick someone into clicking an e-mail you sent them w/o a payload) 3. Target External Services (Password Spray or find a vulnerable service )

  4. Retweeted
    Jan 27

    Understanding this tweet was the best moment of my day. Sincerely yours, the person who never quite understood Public Key Infrastructure. [Thanks for writing the blog post that put all the pieces together . and still expect some questions]

  5. Retweeted
    Jan 28

    1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patching

  6. Retweeted
    Jan 28

    1\ Surprisingly, you could build a very mediocre PE malware detector with a single PE feature: the PE compile timestamp. In fact, I built a little random forest detector that uses only the timestamp as its feature that gets 62% detection on previously unseen malware at a 1% FPR.

  7. Jan 28

    "Hackers exploit 'bug' with oversized meat-space payload"

  8. Retweeted
    Jan 27

    sLoad, the PowerShell-based Trojan downloader notable for its almost exclusive use of the Background Intelligent Transfer Service (BITS) for malicious activities, has launched version 2.0. Read about what's changed in our new blog:

  9. Retweeted
    Jan 27

    pwndrop - The new fast & fun way to set up an HTTP/WebDAV server for your payloads is coming! python -m SimpleHTTPServer may soon be retiring. Stay tuned! Here is a quick sneak peek:

  10. Jan 26
  11. Jan 26

    Who are these people and where are they now?

  12. Jan 26
  13. Jan 26

    Oh Wow, has picture archives of their first meetup.

  14. Jan 24

    Someone is uninstalling the Phorpiex malware from infected PCs and telling users to install an antivirus via &

  15. Retweeted
    Jan 23

    For learning RE, check out these: (Sam Bowne's Practical Malware Analysis course - all my love) (PMA book) (MalwareUnicorn's RE101 course) (Assembly intro w/ my friend Cory Kennedy)

  16. Retweeted
    Jan 22

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

  17. Retweeted

    Do you have a and write about related topics? Reply with URL so I can add it to Weekly newsletter aggregation, also RT please for reach. 😀

  18. Retweeted
    Jan 16

    Updated PoC to include the root trusted CA "Microsoft ECC Product Root Certificate Authority 2018" Also included a signed and unsigned 7z.exe for you to test out. Please only use for research and education.

  19. Retweeted
    Jan 16
  20. Retweeted
    Jan 15

    I’m so excited! My team is looking for a Security Researcher. Special focus on hunting and malware reversing. I work for Microsoft defender and our work helps protect half a billion people all over the world. If that sounds fun to you, dm me or apply here:

  21. Retweeted
    Jan 15

    Awesome thread on the new event to detect CVE-2020-0601 attempts. Microsoft is doing a great job adding new events for EDRs for event driven detection. Is there an official refreshed documentation with all the latest events?
