An update our previous graphic we shared on the cyber-front of the #ukraine conflict. This content was collected from various sources and collaborations within the #infosec community. Special thanks to all involved.
@Anti_Expl0it@Autow00t@juanandres_gs@flakpaket
We are sharing this visual for tracking threat actors/groups related to the current #ukraine conflict. The content was collected from various sources within the #infosec community. Special thanks to all involved.
@Anti_Expl0it@Autow00t@juanandres_gs
Probably the easiest CVE number to memorize, also scary enough to be hard to forget. Disable that ActiveX in Internet Explorer, also stop using Internet Explorer. 😆
Thanks for the support on this one @Anti_Expl0it@pedramamini@JosiahSecurity@DmitriyMelikov
Once again, Microsoft will be keeping the Defenders busy.
Now to watch the wave of iterations, collect samples, and improve detection....
DDE --> Equation Editor --> CVE-2021-40444
Find useful info here: https://t.co/MDDtkWJ4rj
#CVE202140444#0day@Autow00t@DmitriyMelikov
Once again, Microsoft will be keeping the Defenders busy.
Now to watch the wave of iterations, collect samples, and improve detection....
DDE --> Equation Editor --> CVE-2021-40444
Find useful info here: https://t.co/MDDtkWJ4rj
#CVE202140444#0day@Autow00t@DmitriyMelikov
Get The Most Out Of Your IoC: The Beginner’s Guide
Here is a quick blog helping you out if you want to add a little spice to your indicators of compromise.
https://t.co/0k9HdokwMj
#threatintel#ThreatResearcher#IOC#Malware
A sample from yesterday that not only uses COVID-19 context within the maldoc, but is targeting distance-learning students in Peru.
#malware#coronavirus#COVID19#COVID
https://t.co/TD88m75ogI
PowerShell Without PowerShell!
Read our newest blog from guest contributor @Valcan_K . He describes how to utilize LOLBins to bypass detection and execute arbitrary scripts on a target machine.
https://t.co/8u4eE7UG0f
#redteam#pentest#cyber
Our new blog is out!
Ransomware in Your Stocking, @Anti_Expl0it describes the increasing danger of ransomware going into the future. There are sample hashes and a map that shows the nationally widespread hits on state and federal utilities. https://t.co/lvgZo79dAQ #cybersecurity
An awesome write-up from @ohjeongwook of @darungrim
on leveraging Time Travel Debugging towards root cause analysis of a fuzzer triggered crash in Adobe Acrobat: https://t.co/HMMj1O3uNK
Interesting #malicious#PowerShell uses #InstallUtil (.NET framework utility).
InstallUtil loads a .NET bin that contains a class inherited from System.Configuration.Install.Installer. It overrides uninstall method. The method injects a shellcode into mem
https://t.co/rxz44uqrtY
Check out @DidierStevens new tool https://t.co/BzKRwWqpdv. https://t.co/BzKRwWqpdv is a Python script that uses Windows 10’s AmsiScanBuffer function to scan input for malware. It reads one or more files or stdin.
https://t.co/gRNcR6m5eZ
InQuest Insider - May
InQuest constantly monitors command and control (C2) communications for signs of anomalous activity. Keeping abreast of the latest C2 nodes through threat intelligence is key for detecting this activity.
Subscribe Here: https://t.co/aXEVjbepGF
InQuest Insider - April
The InQuest Threat Exchange is an integration where anonymous hashes and vectors are pushed to the InQuest cloud. In turn, all newly seen hashes are queried prior to analysis.
Subscribe to the newest issue of the InQuest Insider. https://t.co/aXEVjbepGF