TL;DR News: Infosec and Other News Feed, by Mila (http://www.blogger.com/profile/09472209631979859691), feed updated 2024-03-13T08:30:40.098-07:00
Favorite tweets (published 2024-03-13T08:30:00.001-07:00, updated 2024-03-13T08:30:08.543-07:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Using ChatGPT to Deobfuscate Malicious Scripts https://t.co/a8y73V8qKb</p>
— SANS.edu Internet Storm Center (@sans_isc) <a href="https://twitter.com/sans_isc/status/1767830794704175324">Mar 13, 2024</a></blockquote>
from Twitter https://twitter.com/sans_isc<br />
<br />
March 13, 2024 at 08:31AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
sans_isc<br />
<br />
https://twitter.com/sans_isc/status/1767830794704175324<br />
<br />
https://i5c.us/d30740
Favorite tweets (published 2024-02-17T06:54:00.001-08:00, updated 2024-02-17T06:54:39.412-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">I wrote a YARA rule designed to identify emails attempting to exploit CVE-2024-21413, a vulnerability in Microsoft Outlook that permits the unauthorized acquisition of NTLM credentials #100daysofYARA #YARA https://t.co/RhIcyltkKV https://t.co/rSATinTuhk</p>
— Florian Roth (@cyb3rops) <a href="https://twitter.com/cyb3rops/status/1758792873254744344">Feb 17, 2024</a></blockquote>
from Twitter https://twitter.com/cyb3rops<br />
<br />
February 17, 2024 at 09:57AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
cyb3rops<br />
<br />
https://twitter.com/cyb3rops/status/1758792873254744344<br />
<br />
https://ift.tt/JaIsboy
Favorite tweets (published 2024-02-17T06:39:00.001-08:00, updated 2024-02-17T06:39:41.758-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">#How to PCAP without wireshark on Windows #start a capture pktmon start -c -f PktMon.etl #view the stats pktmon counters #sleep for 60 seconds sleep 60 #Stop the Capture pktmon stop #convert it to PCAP pktmon etl2pcap PktMon.etl --out capture.pcap https://t.co/vFzFuE01f3</p>
— mRr3b00t (@UK_Daniel_Card) <a href="https://twitter.com/UK_Daniel_Card/status/1758435515563446606">Feb 16, 2024</a></blockquote>
from Twitter https://twitter.com/UK_Daniel_Card<br />
<br />
February 16, 2024 at 10:17AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
UK_Daniel_Card<br />
<br />
https://twitter.com/UK_Daniel_Card/status/1758435515563446606<br />
<br />
https://twitter.com/UK_Daniel_Card/status/1758435515563446606/photo/1
Favorite tweets (published 2024-02-10T15:34:00.001-08:00, updated 2024-02-10T15:34:33.575-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Nate White @Ipitythepoorfo1 https://t.co/zbkjjpQDTN</p>
— Tarquin 🇺🇦 (@Tarquin_Helmet) <a href="https://twitter.com/Tarquin_Helmet/status/1756065557621690390">Feb 9, 2024</a></blockquote>
from Twitter https://twitter.com/Tarquin_Helmet<br />
<br />
February 09, 2024 at 09:20PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
Tarquin_Helmet<br />
<br />
https://twitter.com/Tarquin_Helmet/status/1756065557621690390<br />
<br />
https://twitter.com/Tarquin_Helmet/status/1756065557621690390/photo/1
Favorite tweets (published 2024-02-10T05:29:00.001-08:00, updated 2024-02-10T05:29:28.266-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">We just released our latest REsearch insights on exploiting UEFI spec vulnerabilities on ARM and x86 CPUs. Our Binarly Transparency Platform discovered all these bugs. All the related ARM tools and PoCs are out now. Check it: https://t.co/SQe26R9BO0 https://t.co/jIb5BlkW67</p>
— Alex Matrosov (@matrosov) <a href="https://twitter.com/matrosov/status/1756054958028300630">Feb 9, 2024</a></blockquote>
from Twitter https://twitter.com/matrosov<br />
<br />
February 09, 2024 at 08:38PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
matrosov<br />
<br />
https://twitter.com/matrosov/status/1756054958028300630<br />
<br />
https://ift.tt/DCl3wbG
Favorite tweets (published 2024-01-29T04:24:00.001-08:00, updated 2024-01-29T04:24:13.448-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">"DFIR Team Support" (2024, colorized) https://t.co/on05AfnVfB</p>
— Florian Roth (@cyb3rops) <a href="https://twitter.com/cyb3rops/status/1751886277195022666">Jan 29, 2024</a></blockquote>
from Twitter https://twitter.com/cyb3rops<br />
<br />
January 29, 2024 at 08:33AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
cyb3rops<br />
<br />
https://twitter.com/cyb3rops/status/1751886277195022666<br />
<br />
https://twitter.com/cyb3rops/status/1751886277195022666/photo/1
Favorite tweets (published 2024-01-08T08:30:00.003-08:00, updated 2024-01-08T08:30:55.996-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">#100DaysofYara Day 7 and Day 8: Going a little easy this time... For these two days, we will cover the rules for #IllyrianStealer (another mundane .NET stealer) and the most recent version of #RaccoonStealer (v2.3.1.1) IllyrianStealer: https://t.co/RIJ8wmyO5A RaccoonStealer:… https://t.co/u9e6SOIR8x https://t.co/5zGBzZtIhu</p>
— RussianPanda 🐼 🇺🇦 (@AnFam17) <a href="https://twitter.com/AnFam17/status/1744247453119910228">Jan 8, 2024</a></blockquote>
from Twitter https://twitter.com/AnFam17<br />
<br />
January 08, 2024 at 06:39AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
AnFam17<br />
<br />
https://twitter.com/AnFam17/status/1744247453119910228<br />
<br />
https://ift.tt/rlPhwB2
Favorite tweets (published 2024-01-08T08:30:00.001-08:00, updated 2024-01-08T08:30:55.412-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Happy New Year! I have for you a new #PEbear (v0.6.7) with some of the requested features, such as strings, and patterns searching. Plus other improvements & bugfixes. Check it out! https://t.co/AsAbJGR9nb 🐻💙 https://t.co/fuPQoqANva</p>
— hasherezade (@hasherezade) <a href="https://twitter.com/hasherezade/status/1744386167976423700">Jan 8, 2024</a></blockquote>
from Twitter https://twitter.com/hasherezade<br />
<br />
January 08, 2024 at 03:50PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
hasherezade<br />
<br />
https://twitter.com/hasherezade/status/1744386167976423700<br />
<br />
https://ift.tt/StfLmaV
Favorite tweets (published 2024-01-07T16:14:00.001-08:00, updated 2024-01-07T16:14:22.362-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Update https://t.co/4XVNgNrxgr https://t.co/cZkh63HFpZ</p>
— Ange (@angealbertini) <a href="https://twitter.com/angealbertini/status/1654429033042411523">May 5, 2023</a></blockquote>
from Twitter https://twitter.com/angealbertini<br />
<br />
May 05, 2023 at 10:13AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
angealbertini<br />
<br />
https://twitter.com/angealbertini/status/1654429033042411523<br />
<br />
https://twitter.com/angealbertini/status/1654429033042411523/photo/1
Favorite tweets (published 2024-01-07T16:10:00.001-08:00, updated 2024-01-07T16:10:02.464-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Most PE executables only have a DOS stub, but Robert Xiao combined DOOM Dos and Windows executables into a single universal file. Advanced merge of genuine Dos headers, relocations, DOS4/GW headers and PE file. https://t.co/RfMejxAJK4 https://t.co/lR5IILcyKs</p>
— Ange (@angealbertini) <a href="https://twitter.com/angealbertini/status/1737121148368810169">Dec 19, 2023</a></blockquote>
from Twitter https://twitter.com/angealbertini<br />
<br />
December 19, 2023 at 02:42PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
angealbertini<br />
<br />
https://twitter.com/angealbertini/status/1737121148368810169<br />
<br />
https://ift.tt/ouFi4bZ
Favorite tweets (published 2024-01-07T16:04:00.001-08:00, updated 2024-01-07T16:04:51.335-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">#100DaysOfYara Day 6: Yara can be used to access specific data at a given position. 👇 This feature is often used to identify Magic Numbers (used to determine the file format) to match your rule against a specific file type, such as a PE (0x4D5A), for example. Today, no… https://t.co/6O7Ld9iLce https://t.co/ST0vIJc1q4</p>
— Thomas Roccia 🤘 (@fr0gger_) <a href="https://twitter.com/fr0gger_/status/1743504876745998655">Jan 6, 2024</a></blockquote>
from Twitter https://twitter.com/fr0gger_<br />
<br />
January 06, 2024 at 05:28AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
fr0gger_<br />
<br />
https://twitter.com/fr0gger_/status/1743504876745998655<br />
<br />
https://twitter.com/i/web/status/1743504876745998655
Favorite tweets (published 2023-11-26T05:34:00.003-08:00, updated 2023-11-26T05:34:27.923-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Microsoft has uncovered a supply chain attack by North Korean threat actor Diamond Sleet (ZINC) involving the modification of an installer file from software maker CyberLink. The payload calls back to attacker infrastructure for instructions. Learn more: https://t.co/iKatpcMN7G</p>
— Microsoft Threat Intelligence (@MsftSecIntel) <a href="https://twitter.com/MsftSecIntel/status/1727373881206296891">Nov 22, 2023</a></blockquote>
from Twitter https://twitter.com/MsftSecIntel<br />
<br />
November 22, 2023 at 05:10PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
MsftSecIntel<br />
<br />
https://twitter.com/MsftSecIntel/status/1727373881206296891<br />
<br />
https://ift.tt/pdLnF2g
Favorite tweets (published 2023-11-26T05:34:00.001-08:00, updated 2023-11-26T05:34:26.900-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">🔥Malware Analysis with @HuntressLabs 🔥 Watch as we analyse a bloated (1.5GB) Golang file and dynamically extract an Xworm payload. We'll touch on Procmon, Process Hacker, Entropy Analysis, Debloating, Breakpoints, Debuggers and lots more🤠 [1/14] 🧵 #Malware #Golang https://t.co/NCs1Eh6mTt</p>
— Matthew (@embee_research) <a href="https://twitter.com/embee_research/status/1694635899903152619">Aug 24, 2023</a></blockquote>
from Twitter https://twitter.com/embee_research<br />
<br />
August 24, 2023 at 09:00AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
embee_research<br />
<br />
https://twitter.com/embee_research/status/1694635899903152619<br />
<br />
https://twitter.com/embee_research/status/1694635899903152619/photo/1
Favorite tweets (published 2023-11-20T04:59:00.001-08:00, updated 2023-11-20T04:59:55.844-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Here is a list of researchers and offensive security accounts I recommend following, based on their consistently excellent content and objective, respectful interactions: @wdormann @HackingLZ @FuzzySec @mariuszbit @0gtweet @ippsec</p>
— Florian Roth (@cyb3rops) <a href="https://twitter.com/cyb3rops/status/1726344841540346183">Nov 19, 2023</a></blockquote>
from Twitter https://twitter.com/cyb3rops<br />
<br />
November 19, 2023 at 09:00PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
cyb3rops<br />
<br />
https://twitter.com/cyb3rops/status/1726344841540346183<br />
<br />
Favorite tweets (published 2023-11-10T11:50:00.001-08:00, updated 2023-11-10T11:50:05.010-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">US Treasuries Trading Affected by Ransomware Hack via @MihirBagwe & @daveperera https://t.co/DHwWu4gI0J</p>
— Allan “Ransomware Sommelier🍷” Liska (@uuallan) <a href="https://twitter.com/uuallan/status/1723064796071821760">Nov 10, 2023</a></blockquote>
from Twitter https://twitter.com/uuallan<br />
<br />
November 10, 2023 at 07:47PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
uuallan<br />
<br />
https://twitter.com/uuallan/status/1723064796071821760<br />
<br />
https://ift.tt/MqhVSZN
Favorite tweets (published 2023-11-10T04:50:00.001-08:00, updated 2023-11-10T04:50:26.255-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">I just learned that apps like Snapchat are giving push notifications WHEN SOMEBODY IS TYPING and all I want to know is why the product manager that decided this was a great idea is still alive with all 4 limbs intact.</p>
— Wim Remes TR (@wimremes) <a href="https://twitter.com/wimremes/status/1722675526077165897">Nov 9, 2023</a></blockquote>
from Twitter https://twitter.com/wimremes<br />
<br />
November 09, 2023 at 06:00PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
wimremes<br />
<br />
https://twitter.com/wimremes/status/1722675526077165897<br />
<br />
Favorite tweets (published 2023-11-06T08:51:00.009-08:00, updated 2023-11-06T08:51:49.173-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">NEW BLOG: Common mistakes during Microsoft Defender for Endpoint (MDE) deployments. What are typical common mistakes during Defender for Endpoint deployment? In this blog, I will explain common mistakes/misconfigurations. Blog: https://t.co/hJqm6OD1UP #MDE #M365D</p>
— Jeffrey Appel | Microsoft MVP (@JeffreyAppel7) <a href="https://twitter.com/JeffreyAppel7/status/1702384606798860696">Sep 14, 2023</a></blockquote>
from Twitter https://twitter.com/JeffreyAppel7<br />
<br />
September 14, 2023 at 06:11PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
JeffreyAppel7<br />
<br />
https://twitter.com/JeffreyAppel7/status/1702384606798860696<br />
<br />
https://ift.tt/tMzDJpE
Favorite tweets (published 2023-11-06T08:51:00.007-08:00, updated 2023-11-06T08:51:48.356-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Since February 2023, Microsoft has observed password spray activity by Iranian threat actor Peach Sandstorm (HOLMIUM) against thousands of orgs, likely an attempt to collect intelligence to support Iranian interests. Get TTPs, mitigation, hunting guidance: https://t.co/Qdz3JIsIzc</p>
— Microsoft Threat Intelligence (@MsftSecIntel) <a href="https://twitter.com/MsftSecIntel/status/1702359807095673106">Sep 14, 2023</a></blockquote>
from Twitter https://twitter.com/MsftSecIntel<br />
<br />
September 14, 2023 at 04:33PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
MsftSecIntel<br />
<br />
https://twitter.com/MsftSecIntel/status/1702359807095673106<br />
<br />
https://ift.tt/dYv8Kgt
Favorite tweets (published 2023-11-06T08:51:00.005-08:00, updated 2023-11-06T08:51:47.547-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Happy to announce the release of my JADX dynamic scripting plugin, JADXecute. Now you write and share scripts to automate your Android APK analysis! #ReverseEngineering https://t.co/J3cNWZ1lBT https://t.co/aJDLbKPSao</p>
— LaurieWired (@lauriewired) <a href="https://twitter.com/lauriewired/status/1638566067198128128">Mar 22, 2023</a></blockquote>
from Twitter https://twitter.com/lauriewired<br />
<br />
March 22, 2023 at 03:39PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
lauriewired<br />
<br />
https://twitter.com/lauriewired/status/1638566067198128128<br />
<br />
https://ift.tt/XRjHOxv
Favorite tweets (published 2023-11-06T08:51:00.003-08:00, updated 2023-11-06T08:51:46.652-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">I tried ChatGPT-4 and I am not impressed. https://t.co/WLidBjW78b</p>
— Halvar Flake (@halvarflake) <a href="https://twitter.com/halvarflake/status/1666730978482462728">Jun 8, 2023</a></blockquote>
from Twitter https://twitter.com/halvarflake<br />
<br />
June 08, 2023 at 08:56AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
halvarflake<br />
<br />
https://twitter.com/halvarflake/status/1666730978482462728<br />
<br />
https://ift.tt/zwA9IeK
Favorite tweets (published 2023-11-06T08:51:00.001-08:00, updated 2023-11-06T08:51:45.422-08:00)<blockquote class="twitter-tweet">
<p lang="en" dir="ltr" xml:lang="en">Microsoft Threat Actor Naming for Office 365 https://t.co/UBp8O9ljX8</p>
— x0rz (@x0rz) <a href="https://twitter.com/x0rz/status/1648571522750070787">Apr 19, 2023</a></blockquote>
from Twitter https://twitter.com/x0rz<br />
<br />
April 19, 2023 at 06:17AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
x0rz<br />
<br />
https://twitter.com/x0rz/status/1648571522750070787<br />
<br />
https://twitter.com/x0rz/status/1648571522750070787/photo/1
Favorite tweets (published 2023-10-24T04:59:00.001-07:00, updated 2023-10-24T04:59:46.721-07:00)<blockquote class="twitter-tweet">
<p lang="" dir="ltr" xml:lang="">At the beginning of the infection chain, the victim receives an invisible iMessage attachment with a zero-click exploit. https://t.co/Tqq7HsCcyT</p>
— Stefan Tanase (@stefant) <a href="https://twitter.com/stefant/status/1716447708376924266">Oct 23, 2023</a></blockquote>
from Twitter https://twitter.com/stefant<br />
<br />
October 23, 2023 at 09:33AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
stefant<br />
<br />
https://twitter.com/stefant/status/1716447708376924266<br />
<br />
https://t.co/Tqq7HsCcyT
Favorite tweets (published 2023-10-22T21:16:00.003-07:00, updated 2023-10-22T21:16:42.516-07:00)<blockquote class="twitter-tweet">
<p lang="" dir="ltr" xml:lang="">Although I have permanently transitioned to vulnerability research, I have plans to release new versions of Malwoverview and continue maintaining it after I finish writing the five pending articles: https://t.co/SfVTmQUgEC There've been 91K downloads so far. #threathunting https://t.co/RZF8eJ7fXa https://t.co/Ari00pdL9w</p>
— Alexandre Borges (@ale_sp_brazil) <a href="https://twitter.com/ale_sp_brazil/status/1716200038244794547">Oct 22, 2023</a></blockquote>
from Twitter https://twitter.com/ale_sp_brazil<br />
<br />
October 22, 2023 at 05:09PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
ale_sp_brazil<br />
<br />
https://twitter.com/ale_sp_brazil/status/1716200038244794547<br />
<br />
https://t.co/SfVTmQUgEC
Favorite tweets (published 2023-10-22T21:16:00.001-07:00, updated 2023-10-22T21:16:41.776-07:00)<blockquote class="twitter-tweet">
<p lang="" dir="ltr" xml:lang="">Do you want to start the RemoteRegistry service without Admin privileges? Just write into the "winreg" named pipe 👇 https://t.co/1XkxK0FfbU</p>
— Antonio Cocomazzi (@splinter_code) <a href="https://twitter.com/splinter_code/status/1715876413474025704">Oct 21, 2023</a></blockquote>
from Twitter https://twitter.com/splinter_code<br />
<br />
October 21, 2023 at 07:43PM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
splinter_code<br />
<br />
https://twitter.com/splinter_code/status/1715876413474025704<br />
<br />
https://t.co/1XkxK0FfbU
Favorite tweets (published 2023-10-19T04:40:00.003-07:00, updated 2023-10-19T04:40:13.913-07:00)<blockquote class="twitter-tweet">
<p lang="" dir="ltr" xml:lang="">Palo Alto Networks' Unit 42 researchers analyse Munchkin, a new utility that allows BlackCat operators to propagate the payload to remote machines and shares on a victim organization network. https://t.co/3l0QwWep1Y https://t.co/jYK8ure5el</p>
— Virus Bulletin (@virusbtn) <a href="https://twitter.com/virusbtn/status/1714931643025072379">Oct 19, 2023</a></blockquote>
from Twitter https://twitter.com/virusbtn<br />
<br />
October 19, 2023 at 05:09AM<br />
via <a href="https://ifttt.com/?ref=da&site=blogger">IFTTT</a><br />
<br />
virusbtn<br />
<br />
https://twitter.com/virusbtn/status/1714931643025072379<br />
<br />
https://t.co/3l0QwWep1Y