vx-underground
gronk is this true
Also, unrelated to Gronk, we've updated vx-underground. We've added InTheWild 140 - 151. This is 275,000 new malware samples.
Additionally, we've updated TheOldNewThing archive for January, February, and March.
Large paper tsunami coming today.
Cheers,
Additionally, we've updated TheOldNewThing archive for January, February, and March.
Large paper tsunami coming today.
Cheers,
❤40❤🔥8🤓5👍1😢1
Today Donald J. Trump signed a Presidential Memorandum revoking any active security clearance held by Chris Krebs and his associates.
This includes SentinelOne in totality.
More information: https://www.whitehouse.gov/fact-sheets/2025/04/fact-sheet-president-donald-j-trump-addresses-risks-from-chris-krebs-and-government-censorship/
This includes SentinelOne in totality.
More information: https://www.whitehouse.gov/fact-sheets/2025/04/fact-sheet-president-donald-j-trump-addresses-risks-from-chris-krebs-and-government-censorship/
The White House
Fact Sheet: President Donald J. Trump Addresses Risks from Chris Krebs and Government Censorship
RESTORING TRUST IN GOVERNMENT: Today, President Donald J. Trump signed a Presidential Memorandum revoking any active security clearance held by Chris
👍46🤯13😁9🔥5🥰3❤1🤔1😢1💯1
out.txt
30 KB
Massive update to Malware Defense collection
Chat, we are cookin'. Thanks to Malpedia for letting us get the files. They're the best.
Chat, we are cookin'. Thanks to Malpedia for letting us get the files. They're the best.
🔥45❤5👏4👍2😢1
This media is not supported in your browser
VIEW IN TELEGRAM
me trying to have a rational conversation about computers with someone on twitter
😁69🤣27❤🔥1😱1😢1🎉1
"Nothing is certain except computer viruses and cat pictures" — Benjamin Franklin
👏72🤣29💯7🤓6🤔2😢1
This media is not supported in your browser
VIEW IN TELEGRAM
Windows 10 support ends October 14th, 2025. It is the calling of the Linux nerds.
😁151🤣48🥰18🤓10❤9💯7👍4😢2
The National Police Agency (NPA) of Japan recent documentation of state-sponsored Threat Actors from China is interesting.
A group they believe to be a subset of APT10, abuses WSB (Windows Sandbox) by creating a .wsb configuration file and using it to spin up an instance of the Windows Sandbox.
This is interesting because Windows Defender cannot access the Windows Sandbox (image 1).
The payload enables folder sharing, network access, clipboard access, microphone access, and video access.
tl;dr abusing the sandbox, sandbox as a c2
A group they believe to be a subset of APT10, abuses WSB (Windows Sandbox) by creating a .wsb configuration file and using it to spin up an instance of the Windows Sandbox.
This is interesting because Windows Defender cannot access the Windows Sandbox (image 1).
The payload enables folder sharing, network access, clipboard access, microphone access, and video access.
tl;dr abusing the sandbox, sandbox as a c2
👍81❤🔥24😱19🔥15🤯7🤝7🤔6❤5😁1😢1
vx-underground
Congratulations to APT "Stately Taurus". Throughout 2021 and 2022 Palo Alto was tracking their activity because they left debug symbols in their DLLs. They've since learned to remove the debug symbols. Good job, buddy. It took a few years, but you're getting…
Still not as oopsie-doopsie as when the Indian military left the PDB data present which displayed the developers first name and last name, but making the path "hack" is pretty oopsie too.
😁59👍4🤣3😢1