quick update

You said it, not us 👀

I spent the last 5 months reverse engineering Denuvo's protection in Hogwarts Legacy and finally managed to bypass it using more than 2000 hooks 😂

One of the toughest challenges of my life.

Here's my blog post about it:

momo5502.com/posts/2024-03-…

Imagine you are the threat actor behind xz backdoor and you have to explain to your boss why did you spent 6+months building something this complex that a single dude, reversed, documented exploited repurposed honeypoted dockerized in 24hours. This is a W
github.com/amlweems/xzbot…

Really hope this is his ringtone 🤣🤣 'LockbitSupp - It Wasn't Me' 🤣

vx-underground

After last August's international takedown of infrastructure that controlled the #Qakbot botnet, a lot of people – including some here at Sophos – thought we hadn't seen the last of the #spam -delivered #malware .

Any guesses on the date of this document?

Another Christmas present has arrived.
NCSC UK honored me with a #Challengecoin .

Very proud and happy to receive this appreciation of my work.

#challengecoin #NCSC #reward #bugbounty #infosec

I successfully used AI it to re-create missing source code components from Vault 7 and subsequently compiled and use the CIA's Marble framework... ;-)

This Friday we will be doing our last giveaway for the month of December.

This month we managed to giveaway $48,485.45 of educational courses and exams. Thank you everyone who donated to us to make this possible.

We love all of you.

Have a nice day.

Rare ProTip:
Mapped network drives are a crappy hack for DOS and can cause enumeration delays for some processes. Treating remote servers as local drives was an old workaround.
The correct, modern way to 'pin' a network drive is right-click in This PC > 'Add a network location'

Comcast has reported a security breach impacting 35,879,455 Xfinity customers. It is reported the breach was discovered December 6th, 2023 with a suspected initial breach date of mid-October, 2023.

Information via Brett Callow

If you are a sad AlphV affiliate - Chevrolet Corvette can bring back a smile to your face!

Trettonårige Laha bryter glimmer i gruvan på Madagaskar. Aftonbladets Staffan Lindberg och @magnuswennman lyckas koppla mineralen till Teslas leverantör – som erkänner att man inte kan skilja ut barnbruten glimmer. Tesla vägrar svara på frågorna. aftonbladet.se/nyheter/a/jlWA…

Ya Qbot is back, it sucks. But look what happened with Emotet when it came back. Was a half assed attempt at running a botnet which eventually disappeared without any LE. Lets make it so that becomes the case with Qbot as well.

Is there another example where a country has directly self-attributed a wiper like this?

gur.gov.ua/content/zlam-f…

New vx-underground front-end. We do not have a confirmation on its deployment date yet.

- Dynamic, fully functional on mobile and desktop
- Custom built file explorer, faster loading
- Doesn't look like a bag of poopie

#DarkGate gained popularity among threat actors (e.g: #TA577 , #DuckTail ), our #RE analysis details the internals of the malware, how it implements technique to evade defenses: Union-API, token theft via UpdateProcThreadAttribute, APC injection. blog.sekoia.io/darkgate-inter…