Top Tweets for #MalwareLabDaily
#MalwareLabDaily 0x114
Recently @NVISOsecurity found 6 private keys, which are used by hundreds of #CobaltStrike servers for encrypting the communication with the beacons. This communication can now be decrypted with @DidierStevens tools👍 #BlueTeam #DFIR
https://t.co/tgiomXdGPh

#MalwareLabDaily 0x113
Creative #captcha on #AvosLocker Press Releases #darknet website.
#dataleaks #hackers #malware #ransomware #cybersecurity #darkweb #tor

#MalwareLabDaily 0x112
New book and interesting project dedicated to #ransomware. Read and learn about the history of ransomware, what it is, how to prevent it and how to remove it. And more.
https://t.co/0zp2tzQLxs
Big News 🚨!
My ransomware book is out, but the book is just one part of a bigger project, https://t.co/obrYLn6MTo. A comprehensive site designed to help orgs defend against ransomware...and they are making all the content from the book available at no cost. Please visit!

#MalwareLabDaily 0x111
#BlackByte #Ransomware was active mainly in August and it was interesting because it tries to kill @cyb3rops #Raccine specifically and Defender. It also performs common tasks such as disabling VSS and other services
@anyrun_app:
https://t.co/ITQ2vydTSc

#MalwareLabDaily 0x110
Older, but still interesting analysis of leaked #Conti #ransomware playbooks by @j91321
Mapping to @MITREattack and their coverage by Atomic Red Team (@redcanary) and @sigma_hq rules.
#BlueTeam #RedTeam #sigmarules #ATTACK
https://t.co/GD5gmYiBUx

#MalwareLabDaily 0x10F
#ThreatHunting, #PowerShell, Fileless malware attacks. What to log and search + how to configure group policies.
Event IDs 4103, 4104 for PowerShell, Event ID 4688 for process creation. Don't forget to include the command line. #Windows
https://t.co/m18CgCn9Zt

#MalwareLabDaily 0x10E
@Sysinternals #Sysmon is often mentioned in various #BlueTeam, #ThreatHunting and #DFIR scenarios as a free tool to monitor #Windows system activity. Depending on the provided config, it can bring visibility into endpoints. Now, there is a #Linux version, too

#MalwareLabDaily 0x10D
This #Splunk #Bruteforce #Detection module is excellent. Search and detect bruteforce attacks, then create an alert which automatically adds the attacker's IP address to the firewall's blocklist.
@splunk is a powerful tool, suitable for malware hunting, too

#Splunk is an excellent tool for searching, monitoring and examining machine-generated data. It can be used to identify and respond to brute force attacks.
Complete this module for free during the month of October in our Community Edition. Sign up here: https://t.co/sfgzO7QsR5

#MalwareLabDaily 0x109
Second part of the #Top10 free #malware analysis tools by @IstroSec. #Reversing for fun and education without funds is pretty possible with these tools.
#Dotnet decompiler, #Java #Bytecodeviewer by @Konloch, #oletools by @decalage2, @peepdf and #wireshark

#MalwareLabDaily 0x107
Two #free videos from @kaspersky online #ReverseEngineering course. Let's analyze @golang #malware used in the #SolarWinds attack 👍
We released two videos for free from our online reverse engineering course. They focus on Go malware (Sunshuttle).
https://t.co/0xLf56EScI
https://t.co/OXJsr0hoPd
Almost 2 hours of premium IDA Pro entertainment!

#MalwareLabDaily 0x106
October is #CybersecurityAwarenessMonth. On this occasion @RangeForce released their Community Challenge Series based on network forensics and #ReverseEngineering modules. Successful learners and participants will receive the digital badge via @credly

#MalwareLabDaily 0x104
Webinar tomorrow, 29th September at 10:00 AM ET.
Full Spectrum #CobaltStrike #Detection: A Technical Profile from @RecordedFuture’s Insikt Group
#DFIR #ThreatHunting #ThreatIntelligence #BlueTeam #SOC #CSIRT
https://t.co/DMhBZwohCM

#MalwareLabDaily 0x103
#REvil as an #ELF file = #Ransomware which is able to run on #Linux and encrypt your files in a similar way as it does on #Windows machines
Next time someone tells you that Linux is more secure because there are no viruses for Linux, just show them this video
Linux Ransomware: Take a look at #REvil and how it can encrypt your data even on an Ubuntu Linux OS https://t.co/DXDZ74zHhg

#MalwareLabDaily 0x102
#Malware often uses services for #persistence and "stealthy" execution. This #mindmap covers creation and detection of #Windows services for #blueteam, #dfir and #threathunting.
Windows Services (Creation) Mind Map covering service creation and detection methods.
Link: https://t.co/CK1HFcUyC6
#Detection #BlueTeam #Windows #Services

#MalwareLabDaily 0x101
Researchers compile list of #vulnerabilities abused by #ransomware gangs in 2021. @BleepinComputer article based on the work of @uuallan, @pancak3lullz and others.
#Fortinet #Microsoft #Exchange #F5 #PaloAlto #QNAP, #Atlassian, etc.
https://t.co/M6jfyjlmhL

#MalwareLabDaily 0x100
@HexRaysSA 2021 #Plugin Contest is over. Congratulations to the winners and all of the participants; there are new #IDAPro plugins and "toys" for the malware analyst's toolkit.
Check them out at https://t.co/xO0uct3mtB
Our congratulations to the winners of Hex-Rays Plugin Contest 2021!🎉🎁🎆
🥇 Tenet by @gaasedelen
🥈 D-810 by Boris Batteux, eShard
🥉 nmips by @galli_leo_
With many excellent entries selecting just three was a real challenge. Take a look yourself: https://t.co/BZ5SNE9Y8g

#MalwareLabDaily 0xFF
This is a perfect yet still simple example of how powerful #CyberChef is. This @GCHQ tool comes in very handy during deobfuscation for decrypting/decoding the payloads and IOC extraction (such as the #doc example below). Moreover, it is used by #CTF players for puzzles
A silly and straightforward recipe to output the embedded URLs for CVE-2021-40444 weaponized docs or any docs with embedded links for that matter 🙂 It can't get simpler than that but it's still effective...
https://t.co/VIa2HKq7nu

#MalwareLabDaily 0xFE
#CobaltStrike detection - great report by @RecordedFuture.
It covers host-based detections (initial access, persistence, lateral movement), network-based detections (team server and beacon traffic) and keylogger detection and C2 blocking. #ThreatIntelligence
Cobalt Strike was created with the best of intentions, but it has quickly gained traction with threat actors who use it for nefarious reasons. Learn more about how to detect Cobalt Strike in this deep-dive: https://t.co/BnizdFzEgN

#MalwareLabDaily 0xFD
Voices of the past... @sansforensics #DFIR #cheatsheet from 2011. But in general, it is still a very accurate lifecycle of forensic investigation and analysis. Binary-malware analysis is here in step 6 in software residue 🙂
Source: https://t.co/JiJwrtCzZt

#MalwareLabDaily 0xFC
#capa is an excellent tool for #malware triage by @FireEye which can identify capabilities in executable files. Now, thanks to @IntezerLabs, version 3 is out, with support for #Linux #ELF files in addition to #Windows #PE files.
https://t.co/9GAa8gHszn
capa v3 has arrived! 🙌
With help from @IntezerLabs, the tool now recognizes ELF files. Learn more about the extended analysis and other improvements that come with the newest code and ruleset updates, in our latest blog. https://t.co/7jK1rH55cU