Huge respect to API Monitor. It's such a beautiful tool for Windows apps, but it hasn't been updated for ages. Wanted to keep that spirit alive, so I built a fresh one.
Currently tracking 30k APIs. Very early alpha, so expect some bugs. ☺️
Would love your feedback and bug reports.
repo: https://t.co/HRbXj5YyuK
So @censysio just deployed the "suspicious-open-dir" label to their search engine.
So far it appears to be a game changer, giving very solid hit rates on finding malicious infrastructure.
So for today, this will be a thread documenting my findings using the new feature.
1/x
@ESETresearch introduces Nimfilt: the power tool for reverse engineering Nim binaries!
Learn from the practical examples to help jump-start your journey into analyzing Nim-compiled binaries.
Stay vigilant and integrate #Nimfilt into your development and security toolkit today!
The #GoldDigger family grows: Group-IB's TI Unit finds GoldPickaxe.iOS, the first #iOS #Trojan harvesting #FacialRecognition data for unauthorized bank access, targeting #APAC. It is linked to the GoldDigger family discovered last October. Learn more: https://t.co/pC4AAubb47
Unveiling APT WildCard. Emerging from the shadows of SysJoker, this APT now wields complex Rust malware: RustDown. Its link to Operation ElectricPowder signifies ~7 years of adaptive and persistent targeting of Israel's critical systems.
🧵Technical deep-dive on WildCard [1/9]:
NEW: Kaspersky releases full details on how they captured the “Triangulation” (suspected US Government) exploits and iPhone spyware targeting their employees. https://t.co/Krladw07eD
Uncovering Stayin’ Alive operation, active since at least 2021:
📞 Targets telecoms in Asia 🇰🇿🇺🇿🇻🇳🇵🇰
🛠️ Spearphishing + DLL side-loading (such as CVE-2022-23748 in Zoom)
🐱 Linked to a China-affiliated threat actor, referred to as ToddyCat
👉 Read more: https://t.co/4Hz0fTYY3d
HyperDeceit
This repository contains the full source code of the HyperDeceit project, a library that allows you to impersonate Hyper-V and intercept hypercalls made by the Windows kernel.
https://t.co/RkS2gLCZHN
Details:
https://t.co/TuYDENpiej
#infosec #redteam
#ESETResearch discovered a campaign by the Evasive Panda APT group targeting an international NGO in China🇨🇳. The attackers hijacked the update channels of legitimate Chinese software to deliver their signature backdoor, #MgBot, to its victims. https://t.co/3h7Pmsv1Xx @0xfmz 1/7
New blog post and updated #binaryninja plugin: "Statistical Analysis to Detect Uncommon Code". We use statistics to identify obfuscation in an #Anticheat, a mobile DRM, a #Windows kernel module, and malware.
Link: https://t.co/AxDgMwgxmT
Code: https://t.co/wWPTnvSflh
In this write-up, we leverage @rustlang's inherent obfuscation against existing AV technologies to quickly bypass all detection on VirusTotal using unsafe code blocks.
We can even achieve 0 total detections with a standard MSFVenom payload!
Check it out
https://t.co/BZlDNaGrB1
Today I released Alcaztaz, an x64 binary obfuscator featuring:
- Obfuscation of immediate moves
- Control flow flattening
- Mutation/obfuscation of certain instructions like MOV, ADD, LEA
- Anti-disassembly
- Entry point obfuscation
Read more at: https://t.co/UWMkq1Mt9J
🚨 New research alert!
Mandiant has observed a new espionage operation targeting #Ukraine. We suspect this activity is being conducted by the Russian #cyberespionage group, Turla Team. Read the blog to learn more. ⬇️ https://t.co/elDZ7erMPV