Pinned Tweet
cobaltstrike - beacon.dll "Your No Ordinary MZ (DOS) Header"
#sample #malware #cobaltstrike blog post: https://tccontre.blogspot.com/2019/11/cobaltstrike-beacondll-your-not.html … links: https://app.any.run/tasks/dc833ad4-508a-42eb-9bc2-cef42a558e89/ … https://www.virustotal.com/gui/file/3462e89f38d399d93e2dbe2cf415f8dabbd93c45bd8b9725274116c9b309be88/detection … pic.twitter.com/VWCnHEbFAF
Br3akp0int Retweeted
Two attempts to visualize the topology of "malware mordor" -- 110k malware samples random-projected onto a 2d surface, histogrammed to show concentration. Malware datasets contain huge volumes of near-duplicate binaries (~60%?). You can see that pretty clearly here. pic.twitter.com/7GwUeWlJAY
Br3akp0int Retweeted
2020-02-05:


#Netwalker #Ransomware
Cfg
"prc":["psexec.exe","system"]
net":{"use":true,"ignore":{"use":true,"disk":true,"share":["ipc$","admin$"]
kill":{"use":true,"task":["reboot","restart","shutdown","logoff","back"]}
h/t @malwrhunterteam
https://github.com/k-vitali/Malware-Misc-RE/blob/master/2020-02-05-netwalker-config.vk.raw … pic.twitter.com/BCvqbbVvVX
Br3akp0int Retweeted
Analyzing WhatsApp Calls with Wireshark, radare2 and Frida
#MobileSecurity #iOSsecurity by Marvin Schirrmacher
https://medium.com/@schirrmacher/analyzing-whatsapp-calls-176a9e776213 …
Br3akp0int Retweeted
2020-02-04:


#NetSupport Manager #RAT
V12.10F8 | #Signed
[FAN-CHAI,TOV] #DigiCert NSIS
#PowerShell Script
NSM
HookKeyboard
\.\KeyboardClass|PointerClass0
ftr
[nskbfltr.NT.Wdf]
KmdfService:nskbfltr,nskbfltr_wdfsect
h/t @malwrhunterteam MD5: 603ea83bd595e21d32b87139adf23612 pic.twitter.com/pTOkdDGRUv
Br3akp0int Retweeted
#Patchwork #coronavirus #summary window.sct https://app.any.run/tasks/2644f494-608e-44b2-8fa5-1fc75a07d86b/ … window.jpeg https://app.any.run/tasks/d6f9aecc-42be-4703-aadd-572ed1f4573f/ … Docx https://app.any.run/tasks/92a0892b-72dd-435c-b153-d32e62c401d6 … Xlsx https://app.any.run/tasks/89c1ab9f-b4a0-4855-a504-3bc3d1c20150 … Dropped https://app.any.run/tasks/ca1ee5a3-eeca-418e-aac6-1903bc82a753 … https://app.any.run/tasks/44c03635-c7b8-490b-8186-e8ed578c2a2b … IoCs https://github.com/StrangerealIntel/DailyIOC/blob/master/2020-02-05/Patchwork.csv … @Arkbird_SOLG @blackorbird
Br3akp0int Retweeted
SettingSyncHost.exe as a LolBin http://www.hexacorn.com/blog/2020/02/02/settingsynchost-exe-as-a-lolbin/ …
#LOLBIN cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo pic.twitter.com/dOM4EHq4Zu
Br3akp0int Retweeted
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, https://github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR
Br3akp0int Retweeted
10 Python Machine Learning Projects on GitHub https://buff.ly/2CwM49V
Br3akp0int Retweeted
Windows 10 UAC bypass for all executable files which are autoelevate true. https://github.com/sailay1996/UAC_Bypass_In_The_Wild …
Br3akp0int Retweeted
1\ Malware sandboxes are useful but extremely limited. Here's a malware call graph, and in red are the functions the malware actually *executed* when run in a sandbox -- a minuscule fraction of the malware's potential badness! pic.twitter.com/Ba5EK5EeIO
Br3akp0int Retweeted
Reversing C++ executables with OOAnalyzer Ghidra Plugin https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html … pic.twitter.com/rK2k4Q17Gd
Br3akp0int Retweeted
Demystifying the Windows Firewall – Learn how to irritate attackers without crippling your network - thanks for sharing @jepayneMSFT #infosec #blueteam https://channel9.msdn.com/Events/Ignite/New-Zealand-2016/M377 …
Br3akp0int Retweeted
Our latest @McAfee_Labs blog takes a deep dive into Microsoft Rich Text Format and OLE Exploits: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/an-inside-look-into-microsoft-rich-text-format-and-ole-exploits … #malware #cybersecurity #infosec pic.twitter.com/ZGs368sa6Q
Br3akp0int Retweeted
modexp is one of my fav. researchers; while I often skim on details he is killing it with posts that combine an extensive and comprehensive research on interesting and often nuanced topics and a very well written narrative top quality right there https://modexp.wordpress.com/2019/12/08/shellcode-compression/ …
Br3akp0int Retweeted
#FIN6 | Vitali Kremez diving into the FIN6 “FrameworkPOS”, targeting payment card data from Point-of-Sale (POS) or eCommerce systems. https://labs.sentinelone.com/fin6-frameworkpos-point-of-sale-malware-analysis-internals-2/ … #POS #eCommerce #FrameworkPOS @VK_Intel
-
#ursnif used multi com object to its code. thanks to @JAMESWT_MHT for sharing the sample #malware #re #sample https://twitter.com/JAMESWT_MHT/status/1220378881863057409?s=20 … @JAMESWT_MHT @VK_Intel @felixw3000 @fumik0_ @58_158_177_102 @sugimu_sec @VirITeXplorer @luc4m @James_inthe_box @matte_lodi @0xFrost pic.twitter.com/77TKJc7PHz
Br3akp0int Retweeted
#ursnif #gozi #italy 24_01_2020 WMIC -> xls Samples doc and payload working 100% with proxy italy engage https://app.any.run/tasks/db0afa40-8b60-4300-ac83-93301d1710e1 … Source IoCs https://urlhaus.abuse.ch/browse/tag/Gozi/ … @VK_Intel @felixw3000 @fumik0_ @58_158_177_102 @sugimu_sec @VirITeXplorer @luc4m
Br3akp0int Retweeted
RDP Vuln
#BlueGate CVE-2020-0609 & CVE-2020-0610 RD Gateway PoC (DoS) by @ollypwn https://github.com/ollypwn/BlueGate … Scanner by @MalwareTechBlog https://github.com/MalwareTech/RDGScanner …
Malware Researcher | Security Analyst | R.E. | FORENSIC | ML. interested in Pentesting | Red/Blue Team | Exploit Dev.