Process injection via GetThreadDenoscription and SetThreadDenoscription.
This makes this the 9,001 process injection technique on Windows.
https://research.checkpoint.com/2024/thread-name-calling-using-thread-name-for-offense/
This makes this the 9,001 process injection technique on Windows.
https://research.checkpoint.com/2024/thread-name-calling-using-thread-name-for-offense/
Check Point Research
Thread Name-Calling - using Thread Name for offense - Check Point Research
Research by: hasherezade Highlights: Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves purposes such as: Due to the fact that interference in the memory…
🤣59👍7🤓4😎3
If you don't want to wait for the merch giveaway, or you want to do other stuff with merch, you can buy it at vx-underwear.org
That name was chosen when we did a poll and you jackasses chose this dumbass domain name 😭
That name was chosen when we did a poll and you jackasses chose this dumbass domain name 😭
😁52👍17🤣16❤9🔥4🤓3😎3🫡2🎉1💯1
This media is not supported in your browser
VIEW IN TELEGRAM
If you're an attendee of DEFCON this year: there will be a person distributing limited edition holographic vx-underground stickers.
(Half the staff roster doesn't even have them)
(Half the staff roster doesn't even have them)
❤🔥104🔥20❤12🤣8😢7🤯6🤔5👍2
This media is not supported in your browser
VIEW IN TELEGRAM
If you're an attendee of DEFCON this year: there will be a person distributing limited edition holographic vx-underground vx-uwu stickers. They're ultra rare.
(We didn't even know this existed)
(We didn't even know this existed)
❤102🔥20😁17😢9❤🔥8🤔4
Good morning,
tl;dr internal updates, ignore if you only care about memes or internet TMZ.
Administrative updates:
- Black Mass Volume III, our third independently published book, is currently scheduled to be released October, 2024. It is being handled primarily by b0t and h3l3n. They're being busy bees, collecting stuff, organizing, handling typos, and wrestling distributors.
- We are currently expanding our malware collection capabilities. If things go as planned we should be able to dramatically expand our malware collection set. By late August, 2024 we should be bringing in an estimated 3,165,000 samples a month. This is a large achievement for a group with a budget of $2.00, a slice of pizza, and a limewire downloaded MP3. More details on this soon.
- August, or September, 2024 we will be holding a special event fundraiser. We will auctioning away 5 limited edition vx-underground items. Proceeds will allow us to ball out (buy stuff, watch anime, whatever). This actually took us quite a bit of time to produce (it was expensive for us) but we hope it'll be cool and people will like it.
- We have a massive queue of malware research and development papers to add. Adding these sort of papers actually require a bit of effort – verification, etc, but it's on the todo list. Of course, we are also pulling data from malpedia for malware reverse engineering and detection. We're currently behind schedule on that too though. 😭
Thanks for reading and hanging around. Enjoy your Friday, your weekend, and the perpetual internet crime.
Thanks,
tl;dr internal updates, ignore if you only care about memes or internet TMZ.
Administrative updates:
- Black Mass Volume III, our third independently published book, is currently scheduled to be released October, 2024. It is being handled primarily by b0t and h3l3n. They're being busy bees, collecting stuff, organizing, handling typos, and wrestling distributors.
- We are currently expanding our malware collection capabilities. If things go as planned we should be able to dramatically expand our malware collection set. By late August, 2024 we should be bringing in an estimated 3,165,000 samples a month. This is a large achievement for a group with a budget of $2.00, a slice of pizza, and a limewire downloaded MP3. More details on this soon.
- August, or September, 2024 we will be holding a special event fundraiser. We will auctioning away 5 limited edition vx-underground items. Proceeds will allow us to ball out (buy stuff, watch anime, whatever). This actually took us quite a bit of time to produce (it was expensive for us) but we hope it'll be cool and people will like it.
- We have a massive queue of malware research and development papers to add. Adding these sort of papers actually require a bit of effort – verification, etc, but it's on the todo list. Of course, we are also pulling data from malpedia for malware reverse engineering and detection. We're currently behind schedule on that too though. 😭
Thanks for reading and hanging around. Enjoy your Friday, your weekend, and the perpetual internet crime.
Thanks,
❤🔥75❤16👍7🫡7🔥3🥰3😢1
via verge – due to the recent CrowdStrike incident Microsoft is discussing migrating security products away from the Windows kernel and into other spaces such as VBS Enclaves or Microsoft Azure Attestation
CrowdStrike accidentally leveled the playing field for Threat Actors
Of course, forcing security vendors out of kernel space is a bit of a knee jerk reaction and nothing is certain. It appears a lot of details are up in the air, but Microsoft isn't happy about what's happening.
More information:
https://www.theverge.com/2024/7/26/24206719/microsoft-windows-changes-crowdstrike-kernel-driver
CrowdStrike accidentally leveled the playing field for Threat Actors
Of course, forcing security vendors out of kernel space is a bit of a knee jerk reaction and nothing is certain. It appears a lot of details are up in the air, but Microsoft isn't happy about what's happening.
More information:
https://www.theverge.com/2024/7/26/24206719/microsoft-windows-changes-crowdstrike-kernel-driver
The Verge
Microsoft calls for Windows changes and resilience after CrowdStrike outage
Microsoft drops subtle hints about the future direction of Windows security.
🤣58🔥15👍7😍4😢3❤1🤔1
tl;dr ¯\_(ツ)_/¯
Today it's being reported multiple bulletproof hosts are being seized by law enforcement agencies. Also today, on various forums, users noted issues with other bulletproof hosts such as zServers-dot-ru believing it to be under 'cyber attack'.
Earlier in the week we were notified zServer-dot-ru had been compromised. We are currently unable to 100% verify the authenticity of the claims. However, the images we have received, as well as the individual offering to provide us more evidence, is pretty damning.
The timing is pretty strange. Multiple bulletproof hosts taken down, another allegedly compromised, and users reporting issues with it.
Note: we've censored the image sent to us.
Today it's being reported multiple bulletproof hosts are being seized by law enforcement agencies. Also today, on various forums, users noted issues with other bulletproof hosts such as zServers-dot-ru believing it to be under 'cyber attack'.
Earlier in the week we were notified zServer-dot-ru had been compromised. We are currently unable to 100% verify the authenticity of the claims. However, the images we have received, as well as the individual offering to provide us more evidence, is pretty damning.
The timing is pretty strange. Multiple bulletproof hosts taken down, another allegedly compromised, and users reporting issues with it.
Note: we've censored the image sent to us.
😢47👍18🤯4❤3🥰3😁3😱3
Media is too big
VIEW IN TELEGRAM
🚨BREAKING NEWS🚨
This year Gojira became the first metal band to perform at the Opening Ceremony of the Olympics.
This is incredibly cool and badass. France will now forever be labeled as cool and badass.
This year Gojira became the first metal band to perform at the Opening Ceremony of the Olympics.
This is incredibly cool and badass. France will now forever be labeled as cool and badass.
❤146🤣45🔥28🤓16😎10😢9🤔8❤🔥3👍2
vx-underground
🚨BREAKING NEWS🚨 This year Gojira became the first metal band to perform at the Opening Ceremony of the Olympics. This is incredibly cool and badass. France will now forever be labeled as cool and badass.
This isn't breaking news. But when we saw this we lost our minds.
France is cool and badass.
France is cool and badass.
❤77🤣35🤓21😢9🤔7❤🔥2🫡1
vx-underground
🚨BREAKING NEWS🚨 This year Gojira became the first metal band to perform at the Opening Ceremony of the Olympics. This is incredibly cool and badass. France will now forever be labeled as cool and badass.
vX-uNdErGroUnD hOw cOuLd u LiKE THiZ tRaSg muSiC it"s SaTanIC
> Logo is a 16bit computer with a pentagram.
> Website, artwork posted – all 'edgy' and 'dark'.
> Malware
> Half of us are weirdo hottopic mall goths
> Other half looks homeless
What did you seriously expect?
> Logo is a 16bit computer with a pentagram.
> Website, artwork posted – all 'edgy' and 'dark'.
> Malware
> Half of us are weirdo hottopic mall goths
> Other half looks homeless
What did you seriously expect?
❤147🤣77😁22🤓21❤🔥10🤝8😢6🤔3🤯1
vx-underground
We're witnessing people complain in droves because of us praising the recent appearance of Gojira at the Olympics. Unapproved: Praising Gojira for their performance at the Olympics Approved: Communicating with internationally wanted criminals
Never imagined so many angry people because of a type of music. It's extremely confusing.
😁63🤣42🤓24❤9🤯2👍1😢1
Is it ethical for security researchers to do "hack-backs" on criminals?
Anonymous Poll
59%
Yes
15%
No
26%
Yes, but needs legal approval
🤣92🤝18😁13💯6❤4😘3😢2😱1
Good morning, afternoon, or night.
Today is the day of the rest. It's been quite a week, lots of crazy stuff happening. We hope all of you had a good week, weekend, and are enjoying your Sunday:)
Love you, see you tomorrow:)
Today is the day of the rest. It's been quite a week, lots of crazy stuff happening. We hope all of you had a good week, weekend, and are enjoying your Sunday:)
Love you, see you tomorrow:)
❤77👍7🎉6🤓6🔥2😢1💯1🫡1