Source Byte

The tragedy of low-level exploitation https://gynvael.coldwind.pl/?id=791 похожие мысли всегда в голове крутились

🥸

📹 #HITB2022SIN EDR Evasion Primer For Red Teamers - Jorge Gimenez & Karsten Nohl 👤 Hack In The Box Security https://youtu.be/CKfjLnEMfvI?si=Onv4H3CsFYbXmHGA

https://github.com/kbandla/APTnotes yummyyyyy

DEF CON 24 - Joshua Drake, Steve Christey Coley - Vulnerabilities 101 #vulnerability #research #vr #conference Video ——— 🆔 @Infosec_Fortress

Silly EDR Bypasses and Where To Find Them Credit: Marcus Hutchins

A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.

_ Article _ https://github.com/MalwareTech/EDRception.git #edr #redteam

Anyone have any edr installer? Dm me @ke3rnel Thanks

The SOS Intelligence CVE Chatter Weekly Top Ten This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web. https://sosintel.co.uk/category/cve-top-10/ ——— CISA ( America's Cyber Defence Agency ) Bulletins provide weekly summaries of new vulnerabilities. https://www.cisa.gov/news-events/bulletins ———

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

Automating Malware Deobfuscation with Binary Ninja Writing a Static Unpacker This section will teach participants how to automate unpacking and decryption of malware samples. This will be accomplished using the Qakbot sample as an example. The Qakbot sample is packed (obfuscated using an external program that “unpacks itself”) and therefore we will perform multiple hands-on exercises to automate the extraction of Qakbot from its packed form using Binary Ninja, PEFile and Binary Refinery. + The first exercise will teach attendees how to use Binary Ninja to identify the encryption algorithm used by the first stage of the packer and how to extract key information to decrypt the second stage. +The next exercise will teach attendees how to use PEFile to extract an embedded resource from the packed binary. Once extracted, the resource will then be decrypted using the key information from the first exercise The next exercise will teach attendees how to use Binary Refinery to carve binary files from the decrypted resource Code Slides Workshop Manual

Attribution of Advanced Persistent Threats How to Identify the Actors Behind Cyber-Espionage

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system.

https://www.trendmicro.com/en_us/research/24/h/cve-2023-22527-cryptomining.html