vx-underground – Telegram
vx-underground
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
Today alexocheema from exolabs reported an unknown Threat Actor trying to slipstream a malware payload into their GitHub repo (image 1).

Interestingly, Malcoreio identified the exact same note & code was also slipstreamed (or attempted to be slipstreamed) into other GitHub repos too (image 2).

The GitHub profile which tried to insert the payload into Exolab was "EvilDojo666". The GitHub profile name identified by Malcore was "Darkmage666" (image 3).

One of the targets was yt-dlp. Those bastards.

tl;dr campaign
Latest additions to vx-underground.

Read them.

2015-08-12 - Stealth Techniques - Hiding Files in the Registry
2015-08-20 - Manually Enumerating Process Modules
2015-12-05 - Abusing WMI To Build A Persistent Asynchronous And Fileless Backdoor
2019-12-17 - Calling Local Windows RPC Servers from NET
2021-02-27 - Windows object permissions as a backdoor
2021-10-21 - Windows Exploitation Tricks - Relaying DCOM Authentication
2024-01-31 - Abusing the GPU for Malware with OpenCL
2024-04-19 - Detecting Sandboxes Without Syscalls
2024-09-12 - Proof of Concept - Transforming an EXE or DLL to Shellcode
2024-09-13 - ScriptBlock Smuggling
2024-09-16 - Kernel ETW is the best ETW
2024-09-20 - Anti-Anti-Rootkit Techniques - Part II Stomped Drivers and Hidden Threads
2024-09-28 - Notes on unprivileged access to Bitlocker
2024-10-04 - Notes on xWizard.exe and xWizards.dll
2024-10-09 - XBL Live Game Save DCOM for lateral movement
2024-10-22 - Offensive Groovy programming.pdf
2024-10-22 - Reading BitLocker numerical passwords via API
2024-10-24 - EmbedPayloadInPng
2024-10-27 - ExecutePeFromPngViaLNK
2024-10-30 - EV code signing with pfx in 2024
2024-10-31 - SysVEHSyscalls in Rust
2024-11-09 - Structured Storage and Compound Files.pdf
2024-11-09 - Using VBS enclaves for anti-cheat purposes.pdf
Our Telegram channel's bank account continues to grow.

We now possess over $1,200 in some weird magical Telegram cryptocurrency we cannot use because it is not available in the United States.

Crime pays — Telegram is letting Threat Actors advertise on our posts

¯\_(ツ)_/¯
Some of these Cybersecurity career advice and/or Cybersecurity career influencers should be beaten over the head with an old CRT monitor.
new.txt
13.9 KB
Updates to our Malware Analysis collection.

It's too big for a Telegram post, so just read the text file.
boomers in the 90s: ppl will try to take advantage of you, so be careful

boomers now: believes everything on facebook
Jack Teixeira, the United States military intelligence analyst who leaked classified military documents onto a Minecraft Discord, has been sentenced to 15 years in prison.
Ignore previous spam. Telegram won't let me copy-pasta a Linux schizo copy-pasta.

Here is a photo of a cat instead.
Security researcher Cristian Cornea authored a fake ransomware builder dubbed Jinn ransomware builder.

It was a fake Builder — it was actually a payload.

It infected over 100 people on Breached.

https://corneacristian.medium.com/how-i-hacked-100-hackers-5c3c313e8a1a
Cristian Cornea was correct in his statement that some Threat Intelligence analysts fell for this ... 'honeypot'. We advise people do their due diligence when discussing anything said on forums (people lie, do honeypots, watch anime)
Me: Hey Google, can you tell me some musicians that sound similar to Linkin Park?

Google:
Me: Okay, so like, y'know, Google is an IPv4, IPv6, Linux system. It is a 4x4 bilateral system and it can't be split, okay?
Show us someone using a "hacker" cheatsheet and we'll show you someone who doesn't watch anime.
Club31337 has returned to Telegram

https://news.1rj.ru/str/club31337
EDIT: Heather Morgan, an individual found guilty of laundering $4,500,000,000 in Bitcoin cryptocurrency, HAS NOT BEEN SENTENCED yet. Her husband was sentenced to 5 years in prison for his role in the operation.

Regardless, here is her hip-hop alter-ego "razzlekhan".