Tweets


  1. Feb 3

    Vitali talked me into leaving my malware lab

  2. Jan 30

    TrickBot gtag MAN1 if you want the history of why me and THL talk about MAN1 -> a paper I wrote using lots of data sets that had been gathered over the years!

  3. Retweeted

    We've published the file with decrypted traffic from our live demo at . The capture file contains traffic, Google searches, a submission and a user logging in and posting to Twitter.

  4. Jan 10

    Empire running on 3.15.22[.]188 port 80 and http over port 443 with an open directory...

  5. Jan 2

    Downloader using google drive to download an updated version of Remcos. Converted from MalConfScan into a static decoder and very minor changes to account for the new variant

  6. Retweeted
    Dec 14, 2019

    Archive of is now available | All attachments are public | Note that attachments have PHP file extension but are actually archives | Rename according to its file type (ZIP, RAR, ...) and open it | Thanks for everybody who contributed over those ~10 years!

  7. Dec 11, 2019

    Anchor TrickBot has been around for a lot longer than a few months 6500190bf8253c015700eb071416cbe33a1c8f3b84aeb28b7118a6abe96005e3 First Submission 2018-07-26 14:34:19

  8. Retweeted
    Dec 11, 2019

    2019-12-11: [] ⚓️ "" Project Deployed 🇰🇵 Tool | Our Discovery: ⚡️Probably One of the Biggest Crimeware Story 2019 w/ Technical Evidence of Collaboration | More to Come 🔦 cc/story More ->

  9. Retweeted
    Dec 11, 2019

    Today we announce , our new threat intelligence division, led by award-winning & a team of world-renowned researchers. Subscribe to the Labs blog to join us at the cutting edge of the threat landscape.

  10. Nov 19, 2019

    qakbot domains north[.]drwongandassociates[.]com;inmotion[.]heatherling[.]com;qth[.]w3wvg[.]com

  11. Nov 19, 2019

    "PureLocker"? It's wrapped in the same manner as TerraLoader (84d4902be41e2ffa8ce720a4e5406158) cr1-websmart@protonmail.com YOUR_FILES.txt

  12. Nov 18, 2019

    Just casually setting off everyone's VT alerts on a Monday morning ? I like the idea of putting a header in the uploads though

  13. Retweeted
    Oct 22, 2019

    A lot of code overlap between Maze ransomware and Glupteba Trojan. 100+ shared functions Glupteba - 5486f07cccc300dd939b4936daeb37b83d4c818d1735470bf791b6fd112db25d Maze - 5c9b7224ffd2029b6ce7b82ea40d63b9d4e4f502169bc91de88b4ea577f52353

  14. Oct 12, 2019

    Put some of my modified unsafe golang libraries on github for doing things like putting data into the modulus of a public key of an x509 cert

  15. Sep 27, 2019

    Dumped 8 months of data from my TLS honeypot onto my github, up next is writing a bunch of parsers for the TLS packets to dump into a mineable format.

  16. Sep 26, 2019
  17. Sep 24, 2019

    DNS based packer that uses resolved IP as a XOR key; used by , , and Crypto wallet replacer malware campaigns:

  18. Sep 23, 2019

    Did a quick DOH exfiltration POC while flying back home based on nicely laid out golang code from

  19. Sep 13, 2019

    The SMB portions are hexlified for EB and DP, I copied and pasted the ones from here into a yara and got direct hits

  20. Sep 6, 2019

    Excellent writeup and sums up pretty much the reason I've focused on crimeware my entire career is that the threats are real and interesting.
