SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
#malware_spreading #malware_analysis
#malware_campaing
@ZwLowLevel
Trustwave
SpiderLabs has recently identified a banking Trojan we dubbed Eternidade Stealer, which is distributed through WhatsApp hijacking and social engineering lures.
Windows User Space Emulator
#syscall #emulator #user_mode
#sandbox
@ZwLowLevel
https://github.com/momo5502/sogen
GitHub
GitHub - momo5502/sogen: 🪅 Windows User Space Emulator
🪅 Windows User Space Emulator.
Ghost is a process injection detection tool written in Rust.
#malware_analysis #process_injection
@ZwLowLevel
Medium
BOF Writeup (Pwnable.kr)
About Pwnable.kr
Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets
#apt #cyber_threat_intelligence
#malware_campaing
@ZwLowLevel
DomainTools Investigations | DTI
Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and…
Unmasking APT35 (Charming Kitten). New report analyzes leaked internal documents, revealing their operational profile, Exchange attack chains (ProxyShell, EWS), and quota-driven compromise strategies.
#windows_internals #windows_kernel
#import_address_table #reverse_engineering
@ZwLowLevel
https://eversinc33.com/posts/driver-reversing-ii.html
#reverse_engineering #reversing
#hardware_hacking
@ZwLowLevel
https://medusalix.github.io/posts/miele-interface/
Severin's Blog
Reverse Engineering the Miele Diagnostic Interface
#windows_internals #os_internals
#stack
@ZwLowLevel
https://hulkops.gitbook.io/blog/red-team/x64-return-address-spoofing
hulkops.gitbook.io
x64 Return Address Spoofing | HulkOps
#windows_kernel #edr
#windows_internals
@ZwLowLevel
https://github.com/Ap3x/Panoptes
GitHub
GitHub - Ap3x/Panoptes: Panoptes Endpoint Detection and Response Solution
Panoptes Endpoint Detection and Response Solution.
#uefi #hardware_hacking
#firmware_analysis
@ZwLowLevel
https://hackmag.com/security/lenovo-uefi-hack
HackMag
Bypassing the Lenovo UEFI Wi-Fi Whitelist to Upgrade the Wireless Card
Tech magazine for cybersecurity specialists
#windows_internals #windows_telemetry
#os_internals #etw
@ZwLowLevel
https://blog.trailofbits.com/2023/11/22/etw-internals-for-security-research-and-forensics
The Trail of Bits Blog
ETW internals for security research and forensics
Why has Event Tracing for Windows (ETW) become so pivotal for endpoint detection and response (EDR) solutions in Windows 10 and 11? The answer lies in the value of the intelligence it provides to security tools through secure ETW channels, which are now also…