We went from the Chewbacca Defense to the Autism Defense

Tonight is vx-underground Trivia night at 9PM EST! Hosted by Laurie Wired, and Helen of Tor

Special guests include: Ali from Hak5, TracketPacer, and 0xTib3rius (as the evil Team Rocket)

Sponsored by Malcoreio – last place wins a crusty sock worn by Smelly:(

You can watch us (and the guests) absolutely make a mess out of trivia here: https://www.twitch.tv/vxunderground_live

Trivia night is live.

Hosted by the wonderful lauriewired

Sponsored by Malcoreio

https://www.twitch.tv/vxunderground_live

A long time, when a VXUG member was an adolescent, their relatives told them to never download untrustworthy .exe's.

When using Limewire, they encountered song.mp3.exe.

They became excited and thought it was both a song and a program from the music artist.

It was malware.

Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached. No information is available to indicate whether it is a 3rd party compromise, or which 'division' this data is from.

Regardless, upon review we can confirm the stolen data is legitimate.

Today Twitter open sourced Grok – the Twitter AI thing people get access to when they have Twitter Premium+

Very cool

https://github.com/xai-org/grok-1

Large update to vx-underground tomorrow. Until that time comes please enjoy the rest of your weekend. Sunday is the day to relax.

Unless you're in Australia, or something because it's already Monday there. If you're in Australia it's time to work, nerd. >:(

It appears Apex Legends RCE is real. We do not know the technicalities behind it, but based on the response by the Apex Legends Esports organization, and the messages appearing in game, it looks legit.

Very cool

Subscriber's submission

Hello, how are you? Lots of updates today. Believe it or not, we actually have a lot more to add besides this. We've decided to upload it in increments so we don't bomb your timeline.

Cheers,

Papers:
- 2024-03-18 - Abusing SeTrustedCredmanAccessPrivilege to dump user creds
- 2024-03-15 - Capping process CPU usage
- 2024-03-09 - YARP as a C2 Redirector
- 2024-03-03 - A Trip Down Memory Lane - A history of AV evasion
- 2024-03-03 - Explorer.exe LOLBIN and persistence
- 2021-05-21 - Dumping Stored Credentials with SeTrustedCredmanAccessPrivilege

Malware sample updates:
- Amadey
- BumbleBeeLoader
- CobaltStrike
- DarkMeLoader
- DarkMeRAT
- HijackLoader
- LummaStealer
- Pikabot
- RaspberryRobin
- RedLine
- RhadamanthysLoader
- STOPRansomware
- Stealc
- TrollStealer
- Vidar
- VirusSign.2024.03.15
- VirusSign.2024.03.16
- VirusSign.2024.03.17

An underestimated security threat to organizations is employee apathy and burn out.

NSFW ---- 🔞

Two people fight to the death arguing Rust and C++

nerds online trash talking furries but as soon as your job has a serious network issue guess whos fixing it

We've updated the vx-underground Windows malware paper collections. We've got more to come too 🫡

- 2024-03-08 - Manipulating Token Attribute structures
- 2024-02-25 - Keylogging in the Windows kernel with undocumented data structures
- 2024-02-16 - InflativeLoading
- 2023-12-29 - Usermode encryption but only LOCALSYSTEM can decrypt
- 2023-11-29 - Unwind - Callstack spoofing in Rust
- 2023-11-06 - Running PEs Inline Without a Console
- 2023-09-15 - An Introduction into Stack Spoofing
- 2020-04-30 - Fax Shell - Using Fax service for system
- 2020-01-23 - Starting WERSVR from a restricted users

its crazy af when you realize the internet is literally just sand

With a budget of $0.00 we are bringing in roughly 8,500 malware samples a day.