Threat researcher, malware analysis, RE, incident response, with some old school forensics and CTFing. Apologetic ginger. These are my personal opinions
Thank you @BSidesVancouver for an awesome event. Happy to present on a modern, unique targeted phishing account, and then win the event @corelight_inc CTF.
Credit to the CoreLight platform. I've never used it before but picked it up quickly to finish first.
Spent the last 2 weeks working on a devirtualizer for VMProtect 3.5 and learning Remill. Idk yet if I will blog about it, but I at least wanted to publish the code:
https://t.co/GLqKWpOOU7
The approach is different from my last blog, as it lifts the whole x86 code of the VM
At a Free Palestine protest in a city when a car passenger throws a water bottle at a protestor... And then just sits there because they're stuck in traffic.
A cop just walks over and yanks him out of the car. If you're going to commit a crime, at least think through your escape 😂
I'm optimistic we can create _some_ type of knowledge-based security-related community activity but traditional online jeopardy-style CTF as a competitive format is on its deathbed and this video hurts. Big love to the community that has meant the world to me the past 11 years!
still not quite over the fact that I watched 15 year olds get sued for millions of dollars for downloading twelve songs and now we all have to accept AI slop because every tech company in the known universe decided that IP laws don't exist now that they're inconvenient for them
@bugfireIO @sublime_sec Thank you! Luke and I had fun with the webinar, even if it was just the two of us chatting with an audience
I can try to produce a sanitized version of one of the variants. Shoot me a DM and I can get it to you in a safe way.
Shark Tank Billionaire Kevin O'Leary says 2 people fighting data centers in Utah are Chinese agents. Turns out it's just 2 local girls in Utah; they make a hilarious video calling him the fuck out
TIL, if you forget $60 cash back at a Walmart self checkout, it will just patiently keep it there for anyone to take. It won't retract it. Kudos to the two people after me at that station who ignored it, but not to the third that took it.
Q: Did you talk to Xi about the cyber attacks that he's done in the United States?
TRUMP: I did. And he talked about attacks we did in China. You know, what they do, we do too. We spy like hell on them too. I told him, 'we do a lot of stuff to you that you don't know about.'
This type of decoding is always fun to me. I gave a presentation 14 years ago (OMG!) at @novahackers on deobfuscating and reading encoded Java opcodes:
https://t.co/E1vqkj1Day
Teammate raised this as an interesting campaign ITW
Full in-memory VM written in JavaScript (e.g. ADD, SUB, MOV instructions as functions). Zero hits on internet, VT hits were just a few weeks old.
What I thought was a clever VM attack was just a brand new open-source project
🚨 Threat actors are now using JavaScript virtual machines to hide phishing payloads inside HTML attachments.
Sublime Threat Intelligence and Research (STIR) observed FlowerStorm operators adopting KrakVM just weeks after its release.
The campaign included:
• VM-based obfuscation
• Credential harvesting
• Real-time MFA interception
A key takeaway: advanced obfuscation is becoming easier to operationalize.
Our latest research breaks down the attack chain and what defenders should watch for next.
https://t.co/2PaLq4eQvE
#Cybersecurity #Phishing
It wasn't until I started searching variable names for code reuse on GitHub that I realized it was a brand new open source project released just a few weeks prior: https://t.co/hfyNcbFDbI
Lesson to learn: new open source tools will be found and immediately put into use by threat actors.