We've updated the vx-underground Malware Defense paper collection. We've added 150+ new papers.

Have a nice day and enjoy your Friday.

Check it out here: https://www.vx-underground.org/malware_defense.html

One time someone, an unnamed individual, accidentally detonated several thousands malware samples on their host machine when prepping to upload to vx-undergound.

Windows Defender some how magically re-enabled itself, almost like the second coming of Christ, and thwarted the samples - sort of. Machine CPU usage and disk usage spiked to 100%. Windows Defender detected malware listing was so long the scroll bar was microscopic.

In an attempt to quarantine and remove the malware, Windows Defender locked all of the files and, because of the amount of CPU and disk usage, the machine was essentially locked

Because this individual was due for an upgrade, they just threw away the entire machine

Western Digital sent out a notification to customers regarding what we believe to be about ALPHV ransomware group.

Information via CorruptedPixl

We've updated the vx-underground Windows malware paper collection.

- 2021-02-13 - x64 Deep Dive
- 2023-04-11 - Stepping Insyde System Management Mode
- 2023-04-18 - Diving into Intel Killer bloatware

https://www.vx-underground.org/windows.html

Our friends over at OnlyMalware did their first talk today. rad98 presented: "Getting Started with Windows Malware Development".

It provides a high-level overview for nerds who want to write malware. It also features a Q&A.

https://youtu.be/Rs0xPnVr0dQ

OnlyMalware is a community for malware writers who want to discuss nothing but malware writing because they are all slowly descending into madness.

Discord invite link: https://discord.gg/onlymalware

Any nerd behind a computer can make a ransom group. But, how many can make a handsome group?

We have located a cold war era nuclear bomb shelter for sale.

It is $100,000.

New fundraiser for vx-underground HQ 😎

In a post-apocalyptic society the only thing remaining will be cockroaches and vx-underground

We have been gifted 5 licenses to Malcat standard edition. If you're interested in a license of Malcat, leave a comment on our tweet =D

Malcat is a new binary analysis software. More information: https://malcat.fr

https://twitter.com/vxunderground/status/1655536899237511168

We are excited to announce some winners have been chosen from the vx-underground x SentinelOne malware research challenge.

Winners will be announced soon.

Nerds will win swag, entries on the SentinelOne site, the vx-underground site, and 1 nerd gets a Macbook Pro.

A new potential replacement to Breached has exploded in popularity. Interestingly, unlike Breached, they did not allow attacks against Russia.

Also, the logo they use is interesting.

The new Windows 11 boot screen looks really good

We've updated the VXUG Windows malware paper collection

-2017-09-19 - Abusing Delay Load DLLs for Remote Code Injection
-2021-01-24 - LSASS Memory Dumps are Stealthier than Ever Before Part 1 & 2
-2023-04-17 - An in-depth look at the Golang Windows calls

https://www.vx-underground.org/windows.html

We've updated the vx-underground AV Tech paper collection

- 2023-04-19 - Demonstrating monitoring abnormal syscalls with ETW
- 2023-04-27 - The Art of Clipboard Forensics Recovering Deleted Data

Check it out here: https://www.vx-underground.org/malware_defense.html

vx-underground will be 4 years old soon