Hoy en #RootedCon2022 hemos presentado los resultados de una investigación llevada a cabo en @Cylera_ sobre atribución técnica de #Kwampirs y #shamoon . Más info técnica aquí: https://t.co/WEMnKZ5Qte
Beyond rubber ducky: evil mass storage POC with AT90USBKEY2. malware-tool for offline system. USB composite device with keyboard + mass storage + exfiltration via radio: https://t.co/S71X98LUqn
Running out of EDR bypass techniques (that's funny, of course you're not)? Don't worry, Microsoft is here to help you with a new one:
https://t.co/OhCqlE3ieb
While looking at the #SolarWinds#Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar, used by Turla. Our analysis: https://t.co/3EF6Y2G5ly #unc2452#darkhalo
Hace 25 años entré en el mundo de los hackers y me enamoré tanto que les dediqué articulos y incluso un libro. Hoy el libro está en las principales librerias. Ya he hecho todo lo que creía que tenía que hacer. Puedo iniciar otros caminos. https://t.co/jfS3shpSnE
#GuLoader is one of the most widely used loaders to distribute #malware throughout 2020. Learn about the techniques that the loader uses to thwart the analysts and their virtual machines/sandboxes: https://t.co/j4CGlU4wyy #ThreatHunting#ThreatIntel#sandbox#loader
Friends,
I am very pleased to announce that I have managed to re-assemble the original 29a archives in totality.
https://t.co/PEwsR9dyN3
All zines are now present in what was once their original form.
1luv
-smelly__vx
@ASUS_ROG Your AURA software is the biggest piece of shit I've ever seen. Check out your own forums. So many people complaining that it doesn't work, doesn't it tell you anything? Who programs it? Monkeys?
I just published an in-depth analysis of how the #Emotet network protocol works. Also I've released a tool which emulated this protocol and is capable to download new #modules & #malware from the C&Cs.
It's integrated with @hatching_io and @CapeSandbox.
https://t.co/2491AZvGXj
My analysis of a new #ATM#malware called #XFS_DIRECT using a Raspberry Pi Zero W and P4WNP1's HID backdoor for delivery. https://t.co/cTLv4uZ2JB #DFIR @Bank_Security #YARA rule is here --> https://t.co/bbmP2eFCco
#ESETresearch discovered 3 new malware families part of the #Dukes/#APT29 arsenal: #PolyglotDuke, #RegDuke and #FatDuke
📌 Twitter, Reddit as C&C
📌 C&C communications in pictures
🎯 3 European MFAs + 1 embassy in Washington, DC
📅 2013 to June 2019
https://t.co/9t6atlRoGP 2/4