Source Byte

j00ru//vx tech blog https://j00ru.vexillium.org/articles/ #exp

Analysis of some feature of vmprotect https://sachiel-archangel.medium.com/analysis-of-vmprotect-0b28c8e47ca5 #protector

The changes to the IDAPython API in IDA 9 has broken some plugins and scripts Here's how to fix some of these issues: https://blog.junron.dev/IDAPython%20Research/IDAPython%208%20to%209.html

🔥 Iran Ethical Hackers 2016

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software https://www.bleepingcomputer.com/news/security/ransomhub-ransomware-abuses-kaspersky-tdsskiller-to-disable-edr-software/

⚙️From COM Object Fundamentals To UAC Bypasses A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC. 🔗Research: https://www.youtube.com/watch?v=481SI_HWlLs 🔗Source: https://github.com/tijme/conferences/tree/master/2024-09%20OrangeCon/code #windows #com #uac #bypass

RedTeam Workshop - Part 3

Execution + T1059.001 | PowerShell + T1059.003 | Windows Command Shell + T1059.005 | Visual Basic + T1106 | Native API + T1053.005 | Scheduled Task + T1569.002 | Service Execution + T1024.002 | Malicious File Persistence + T1543.003 | Windows Service

https://www.youtube.com/watch?v=XjeIPE4g33s slides / notes : https://github.com/soheilsec/RT-workshop-2024 credit : @soheilsec language : persian

Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups

Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine.

GitHub

Schools need to stop teaching kids malware is like, 'trojans', and 'worms', etc. It's not 1996 anymore. New malware types: - Ransomware - Loaders - Information Stealers - Piles of shit that doesn't work - RATs