في تأكيد على ريادتها العالمية في المجال...
حصلت المملكة على المرتبة الأولى عالمياً في مؤشر الأمن السيبراني وفق تقرير #الكتاب_السنوي_للتنافسية_العالمية لعام 2024.
وتفخر #سايت بدورها كذراع تقني لـ
@NCA_KSA في تأسيس قطاع الأمن السيبراني، والإسهام في هذا الإنجاز العالمي في مؤشر الأمن السيبراني 🇸🇦
Wrote a set of YARA rules to detect the specific web shells dropped during the SharePoint CVE-2025-53770 exploitation.
- Cleartext and compiled variants
- Forensic artefacts in logs and on disk
Hope it helps.
Rules will be available in THOR Lite and THOR Cloud Lite shortly.
https://t.co/v27uvFhtrc
https://t.co/AaMCX5PZMD
#SharePoint #YARA #ThreatDetection #CVE202553770 #THORLite #DFIR
EagleVM progress recently:
1. Created an IR language capable of recompiling x86.
2. Abstracted IR→x86 translation for custom VM implementation.
3. Eliminated reliance on native x86 flag generation.
4. IR handler merging pass to obscure logic.
5. Compiler improvements
6. Graphs!
Digital Forensics Lab
(lesson slides)
- Basic Computer Skills for DFIR
- Basic Networking Skills for DFIR
- Computer and DFIR
- Computer Forensics Case Study
- Mobile/IoT Forensics Case Study
- Forensic Intelligence Repository
- AI for Forensics
https://t.co/Ms2te4fRps
Great sereis by @8kSec on arm reversing and exploitation
https://t.co/bgcKhZHRXi
https://t.co/5wfe1djthT
https://t.co/BYfC90anxw
https://t.co/ZjiYNmZkXE
https://t.co/0mgg8B2bzP
https://t.co/crBKanod1i
https://t.co/CJ2jDl1YHV
#arm#cybersecurity
Tip of the week #5: #malcat can help spot odd-looking code thanks to its DNA view.
Each instruction is represented by a colored symbol, while loops and API calls are highlighted. This makes visual pattern recognition a lot easier while #reverseengineering large #malware .
@AlwashmiA and I will be presenting an advanced incident response course at #blackhatmea where we will cover the modern methods of responding to large-scale and enterprise incidents.
https://t.co/6xdha53OcP
سنقدم أنا وصالح بن محيسن @saleh_muhaysin
تدريب متقدم للاستجابة للحوادث في مؤتمر #blackhatmea و سنغطي الأساليب الحديثة للاستجابة للحوادث واسعة النطاق والحوادث المؤسسية.
حيث سكبنا جل خبرة سنوات طويلة في تقديم خدمات ال #DFIR محليًا ودوليًا بتدريب عملي
https://t.co/s9m5StSC4x
اذا كنت تعمل في MSSP بتحتاج تدير عدد كبير من SIEMs بشكل منفصل وهذا يعتبر تحدي ياثر على بعض المهام مثل automation و سحب معلومات من اكثر من مصدر.
نشرت مشروع opensource للتحكم باكثر من LogRhythm SIEMمن api واحده
تفاصيل استخدام المشروع في github
https://t.co/phkJWumV8g
To start with Machine Learning:
1. Learn Python
2. Practice using Google Colab
Take these 2 free courses:
• Introduction to Python Programming (Udacity)
• Machine Learning Crash Course (Google)
If you need a bit more time before diving deeper, finish the following Kaggle tutorials:
• Intro to Machine Learning
• Intermediate Machine Learning
At this point, you are ready to finish your first project: The Titanic Challenge on Kaggle.
If Math is not your strong suit, don't worry. I don't recommend you spend too much time learning Math before writing code. Instead, learn the concepts on-demand: Find what you need when needed.
From here, take the Machine Learning specialization in Coursera. It's more advanced, and it will stretch you out a bit.
The top universities worldwide have published their Machine Learning and Deep Learning classes online. Here are some of them:
• MIT 6.S191 Introduction to Deep Learning
• DS-GA 1008 Deep Learning
• UC Berkeley Full Stack Deep Learning
• UC Berkeley CS 182 Deep Learning
• Cornell Tech CS 5787 Applied Machine Learning
Many different books will help you. The attached image will give you an idea of my favorite ones.
Finally, keep these three ideas in mind:
1. Start by working on solved problems so you can find help whenever you get stuck.
2. ChatGPT will help you make progress. Use it to summarize complex concepts and generate questions you can answer to practice.
3. Find a community here on 𝕏 and share your work. Ask questions, and help others.
During this time, you'll deal with a lot. Sometimes, you will feel it's impossible to keep up with everything happening, and you'll be right.
Here are the good news:
Most people understand a tiny fraction of the world of Machine Learning. You don't need more to build a fantastic career in the space.
Focus on finding your path, and Write. More. Code.
That's how you win.
Good new everyone! MinecraftLauncher.exe is susceptible to DLL sideloading. And YES, it is digitally signed by Mojang. EDRs have no idea what's coming for them😌
هذي بعض ال parsers للتحليل ال artifacts الخاصة بال BITS
- BitsParser (مستخدم في هذي الثريد) - https://t.co/fQXwk27Wm6
- bits_parser - https://t.co/PxVIYV6uoB
🐲 Ghidra Tips 🐲- Malware Encryption and Hashing functions often produce byte sequences that are great for #Yara rules.
Using #Ghidra and a Text Editor - You can quickly develop Yara rules to detect common malware families.
(Demonstrated with #Qakbot)
[1/20]
#Malware#RE
Stage 3 of the CurseForge #malware was accidentally uploaded without obfuscation.
Some analysis:
- Stealers for: Discord tokens, Browser credentials, MSA (pulled from MC mod launchers)
- Virtual machine escape on windows systems
- Injector logic
#ReverseEngineering#Minecraft