Found an interesting #PowerShell dropper today that uses multiple rounds of complex obfuscation, even actual encryption. And I reversed the whole thing using one stupid trick: Replace 'Invoke-Expression' with 'Write-Host'. Wanna see?
0 new OPEN, 13 new PRO (0 + 13). VictoryGate, CoinMiners, Others.
For those of you attending #SuriCon2021 - be sure to attend 'Making CENTS of Malware Configurations' Oct 21st, 11:45-12:30 (EDT), by several members of the Emerging Threats team!
Google TAG (@ashl3y_shen) with others disrupting YouTube channel takeover by cybercriminal groups.
The attackers combine social engineering, malware and cookie theft in their operations.
First GitHub, now Twitter. @apple is attacking me for posting a link (actually an IP address) to the website which hosts their documentation. And the website is still publicly available (google "Atlas is a toolbox" in quotes). How messed up is that!?
#Bollène 🚨 #gendarmerie operation in progress.
More than 100 #gendarmes mobilized.
⚠️ Avoid the Massif du Barry area.
Individual on the run, potentially dangerous and armed: if you see him, do not intervene yourself and contact 17 immediately.
Dear operational MNO teams, here is a really good primer on how the port/IP assignment works for GTP. This is not that easy; in particular for collocated nodes it is easy to make mistakes. piped.kavin.rocks/watch?v=FPfExr9b…
#MagnitudeEK is now stepping up its game by using CVE-2021-21224 and CVE-2021-31956 to exploit Chromium-based browsers. This is an interesting development since most exploit kits are currently targeting exclusively Internet Explorer, with Chromium staying out of their reach.
🚨 CrowdStrike Intelligence reports multiple intrusions targeting the telecommunications sector from a sophisticated actor tracked as the LightBasin activity cluster. Read all about our investigation in the @CrowdStrike blog → bit.ly/3DTM6qE via @dan__mayer
🚨 Fake Malwarebytes support page and number
Create date: 2021-09-21
Domain name: webservicesonline[.]info
Domain registrar: NameCheap, Inc
@Namecheap could you please take action?