We've updated the vx-underground Windows malware paper collection

- 2023-08-28 - Uac bypass via UIPI or Windows Task Manager
- 2023-08-27 - Demonstrating Parent Process ID Spoofing
- 2023-08-23 - Demonstrating how IIS decrypts AppPool credentials
- 2023-07-26 - WSPCoerce - PoC to allow authentication from Windows hosts using MS-WSP
- 2023-06-18 - DCOMHijack - Demonstating lateral movement using DCOM and DLL hijacking
- 2023-06-09 - No Alloc, No Problem - Leveraging Program Entry Points for Process Injection
- 2023-06-01 - Improving the stealthiness of memory injections techniques
- 2023-05-21 - PCAPeek - PoC reassembler for reverse VNC traffic
- 2022-09-05 - DirectX and HyperV - An Offensive View

The leader singer of Smash Mouth, Steve Harwell, has passed away at age 56.

Their hit song "All Star" alongside the film "Shrek" inspired hundreds, if not thousands, of memes and trolls.

Rest in power, king.

https://youtu.be/L_jWHffIx5E?si=5f54sugwfY29zwjB

Today at 9:31AM EST Stake, an Australian based crypto gambling site, was compromised. The currently unidentified threat actor(s) steal over $41,000,000 in cryptocurrency.

- First transaction, $16,000,000 stolen
- Second series of transactions, $25,000,000 stolen

Absolutely tragic news. Geoff Chappell, the reverse engineer and author, has passed away today. His work was incredible.

Our deepest condolences to Geoff's family, friends, and colleagues.

Check out Mr. Chappell's work. It's amazing: https://geoffchappell.com

We have personally used his research and documentation hundreds, if not thousands, of times.

He was a true gift with an incredible skill for writing.

Rest in Peace.

We are doing a book giveaway on Twitter. If you're interested in books, or something, check it out here:

https://twitter.com/vxunderground/status/1698911064539206022

Some dork on Telegram is selling vx-underground samples for $300. He even takes a screenshot of our website, proclaiming it to be his (???), and says he got the malware from a seizure (???)

👏DON'T 👏PAY 👏FOR 👏 MALWARE 👏

Threat Actors when they trip the EDR

Before we make more updates to vx-underground we have to sync our off-site backups across a few different regions. We're syncing 7TB+ of data at like, 5Mbps.

tl;dr meme game continues (also the giveaway is tomorrow)

Have a nice day:)

Some nerd named ParkinsonFrost has created an Infosec muppet show.

United States Presidential Candidate Vivek Ramaswamy has proposed abolishing the United States Federal Bureau of Investigation. His proposed solution does not account for Cyber Crime (although maybe the financial aspects of it).

Anyone familiar with the Apex Legends™ IDE?

We have extremely exciting news. Our second book will be released next weekend.

Black Mass Volume II.

Digital copies are free on vx-underground. Physical copies will be available for purchase on Amazon.

Update on the off-site backups we're doing

Today the United States and United Kingdom sanctioned 11 individuals believed to be responsible for the Trickbot botnet.

They sanctioned Trickbot managers, HR representatives, developers, QA engineers, network administrators and more.

More information: https://home.treasury.gov/news/press-releases/jy1714

tfw Trickbot, an internationally wanted cyber-gang, was more organized and had better benefits for employees than your employer