Johannes Bader

@viql

Malware analyst, Reverse Engineer. Header image by Valentin B. Kremer on Unsplash

Schweiz
Joined: August 2013

Tweets

  1. Pinned tweet
    8 Jul 2019

    I just published a blog post about the virtualized DGA of : The malware is ancient, but as recently showed (), Pitou is still active with the same DGA and seeds as five years ago.

  2. Retweeted
    29 Jan

    Introducing my newest project: I got phished The goal is to notify IT-security representatives about phishing victims within their constituency 📨 👉 A big thanks to who initiated the project! 👏 For bug reports and feature requests -> DM me

  3. 23 Jan

    .blackfriday, .tickets and .feedback top-level domains? Of course that's a thing. And they are even used by domain generation algorithms:

  4. Retweeted
    15 Jan

    New (active) Emotet botnet C&Cs over the past 12 months 📅 You can clearly see the long vacation Emotet took in June and July 🌅

  5. Retweeted
    20 Dec 2019

    Countries 🌍 with the most TrickBot infections (commonly used to drop Ryuk Ransomware 💰). Almost 1/4 of all TrickBot infections are located in the US 🇺🇸 Here's how to mitigate Emotet and TrickBot:

  6. Retweeted
    12 Dec 2019
  7. Retweeted
    6 Dec 2019

    Here are the slides for the talk by and me on YARA-Signator, a tool for automated generation of code-based YARA signatures for ! Including some bonus slides on statistics for the 157,806,663 instructions processed. :) ->

  8. 11 Nov 2019

    Blog Post: The DGAs of , attacking QNAP-NAS devices.

  9. Retweeted

    Warning: Word documents infected with the banking Trojan "Retefe" are being sent by email, coming from known correspondents whose email account has been compromised! Please report suspicious emails at

  10. Retweeted
    26 Apr 2019

    FWIW, I've compiled a bunch of "empty" projects in MSVC under different settings. I'll use this data for function similarity matching as isolated groundtruth for lib code that is commonly found in malware. Maybe others will benefit from it as well. 😉

  11. Retweeted
    15 Mar 2019

    I hate the new advertising screens in trams. Moving advertising images spoil my ride, and in certain places the information monitors are harder to see. Please stop devaluing public transport with this nonsense.

  12. Retweeted

    It is 9am Swiss Time, , Olivier Pereira & I are releasing details of a cryptographic trapdoor that we found in the Swiss Post system that would allow admins to falsely "prove" mixes that alter votes & undetectably compromise elections:

  13. Retweeted

    Released 0.1.7.2 • bugfix release avoiding deadlock during long-running low-level disk operations such as those executed by Disk Utility or Boot Camp Assistant →

  14. Retweeted
    20 Nov 2018

    As requested by , I've integrated on URLhaus. Malware tags should now point to the appropriate Malpedia entry

  15. Retweeted
    13 Nov 2018

    hey how about a link to in the database entry to help potential victims understand what malware family is discussed?

  16. Retweeted
    17 Sep 2018
  17. Retweeted
    8 Jun 2018

    On Monday 11th June, URLhaus will start to notify hosting providers and network owners about active malware download sites (~3,400 at the moment). New additions to URLhaus will automatically be dispatched to the responsible hosting provider too.

  18. Retweeted
    30 May 2018

    Heads up: Spam campaign incoming, pretending to come from , distributing TrickBot: /cc

  19. 29 Apr 2018

    I just published a blog post on a new word-list-based domain generation algorithm of the Nymaim malware: . The algorithm has already been included in the DGArchive . .

  20. Retweeted
    9 Apr 2018

    AnMAXX, Gerber EDV and the Qrypter connection: "Fake" VPN services hosting more than 5'000+ RAT botnet controllers. Full list:
