NEW BOT Телеграм, страница - 832088792

HackerOne

11K subscribers

644 photos

31 videos

79 files

2.74K links

Community : @Sec0x01
@Bug0x

Download Telegram

About

Blog

Apps

Platform

11K subscribers

#threatleak #malware

https://any.run/cybersecurity-blog/introduction-to-malware-analysis/

ANY.RUN's Cybersecurity Blog

Introduction to Malware Analysis - ANY.RUN's Cybersecurity Blog

Investigate malicious files with our guest writer. He will lead you through each step of Dridex and IcedID analysis, so you can repeat it by yourself.

1.92K viewsAdeL, 12:27

https://youtu.be/zDxCnzNAkAk

1.93K viewsAdeL, 12:18

https://mitre-engenuity.org/blog/2021/07/19/engenuity-releases-ics-security-tools/

1.98K viewsAdeL, 19:10

Automation in Reverse Engineering: String Decryption https://synthesis.to/2021/06/30/automating_string_decryption.html

1.86K viewsAdeL, 16:19

A good historic background of Pegasus, a weapon system by NSO Group and role of Israel 🇮🇱 (government) in supporting the cyber espionage and specifics to India 🇮🇳

Israeli government is trying to evade sanctioning NSO and similar companies under international pressure. Lobbying is not working for Israel. Public is aware and only thing in Israels favour is to stay quiet till the heat dies out.

https://youtu.be/0OWw8IEj9oQ

2.14K viewsAdeL, 17:30

https://www.trendmicro.com/en_us/research/21/g/updated-xcsset-malware-targets-telegram--other-apps.html

Updated XCSSET Malware Targets Telegram, Other Apps

In our last update on the XCSSET campaign, we updated some of its features targeting latest macOS 11 (Big Sur). Since then, the campaign added more features to its toolset, which we have continually monitored. We have also discovered the mechanism used to…

👎1

1.94K viewsAdeL, 13:39

Fuzzing with Grammars

https://www.fuzzingbook.org/html/Grammars.html

www.fuzzingbook.org

Fuzzing with Grammars - The Fuzzing Book

In the chapter on "Mutation-Based Fuzzing", we have seen how to use extra hints – such as sample input files – to speed up test generation. In this chapter, we take this idea one step further, by providing a specification of the legal inputs to a program.…

1.79K viewsAdeL, 20:38

Elasticsearch ECE 7.13.3 - Anonymous Database Dump

https://www.exploit-db.com/exploits/50152

Exploit Database

Elasticsearch ECE 7.13.3 - Anonymous Database Dump

Elasticsearch ECE 7.13.3 - Anonymous Database Dump. CVE-2021-22146 . webapps exploit for Multiple platform

1.75K viewsAdeL, 11:29

Microsoft Warns of LemonDuck Malware Targeting Windows and Linux Systems

https://ift.tt/3zvPwgW

1.69K viewsAdeL, 11:33

New PetitPotam attack
https://twitter.com/cyb3rops/status/1419193618745675776?s=19

Keep calm. This is much less serious than it initially appeared.

1.79K viewsDmitriy, 11:36

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

https://ift.tt/3eYuZJY

BleepingComputer

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs.

1.85K viewsAdeL, 19:55

CVE-2021-27850 Exploit
https://github.com/kahla-sec/CVE-2021-27850_POC

GitHub - kahla-sec/CVE-2021-27850_POC: A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated…

A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution. - kahla-sec/CVE-2021-27850_POC

1.87K viewsAmir Kiani, 19:50

Pegasus is open source and available under the Apache V2 license.

https://pegasus.isi.edu/downloads/

1.89K viewsAdeL, 04:27

https://cio.ubc.ca/sites/cio.ubc.ca/files/documents/resources/Software%20Application%20Security%20Checklist.pdf

1.74K viewsAdeL, 05:44

Portable Executable Injection

https://malwareunicorn.org/workshops/peinjection.html#0

1.79K viewsAdeL, 05:53

Fuzzing online udp protocols of online games to achieve RCE

http://blog.ret2.io/2021/07/21/wtf-snapshot-fuzzing/

RET2 Systems Blog

All Your Base Are [Still] Belong To Us

Axel ‘0vercl0k’ Souchet recently open-sourced a promising new snapshot-based fuzzer. In his own words: ”what the fuzz or wtf is a distributed, code-coverage ...

1.81K viewsAdeL, 09:13

https://attack.mitre.org/versions/v9/techniques/enterprise/
https://shield.mitre.org/
https://car.mitre.org/
https://d3fend.mitre.org/
#MITRE

MITRE Cyber Analytics Repository

Welcome to the Cyber Analytics Repository

1.67K viewsAdeL, 09:40

https://github.com/DFW1N/DFW1N-OSINT/

GitHub - DFW1N/DFW1N-OSINT: Australian Open Source Intelligence Gathering Resources, …

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cybe...

1.57K viewsAmir Kiani, 18:02

https://www.youtube.com/watch?v=fKuqYQdqRIs

How To Protect Your Linux Server From Hackers!

Do you have a linux server and do you know how to prevent getting hacked? In this video we will critically discuss a few best practices. The video can be summarized as: "a lot of fluff, not much use".

Prefer to read? Blog article version: https://liveov…

1.57K viewsAmir Kiani, 18:13

https://www.secureworks.com/blog/state-of-the-bronze-union-snapshot

State of the Bronze Union: A Brief Snapshot

The BRONZE UNION threat group focuses on espionage and targets a broad range of organizations and groups using a variety of tools and methods.

1.52K viewsAmir Kiani, 18:29

https://www.youtube.com/watch?v=SiFWF1i5Quc&ab_channel=F-SecureLabs

F-Secure Labs Investigate The Crash

A webinar covering how to determine the exploitability of a software crash. In the previous episode we showed how to find crashes using AFL. This episode qualifies what type of crash has occurred and how it can be exploited.
Tools
AFL: https://lcamtuf.coredump.cx/afl/…

1.73K viewsAmir Kiani, 18:37