Emanuele De Lucia (@manu_de_lucia) 's Twitter Profile
Emanuele De Lucia

@manu_de_lucia

#DFIR #CTI #REM #APT

ID: 977272715500498951

https://www.emanueledelucia.net/ 23-03-2018 19:55:46

611 Tweets

2.2K Followers

229 Following

Emanuele De Lucia (@manu_de_lucia) 's Twitter Profile Photo

Looks like #Amadey #AmadeyLoader added exclusion for #CIS Countries in 4.30 on both the panel and loader. Maybe there really is someone who believes that their creations are usually used for good and feels the need to include countermeasures
md5:1596ee7e65daddbde81639b512266192

few #powershell lines to deobfuscate #batch files obfuscated via #skyemie obfuscator #malware #italy #malspam emanueledelucia.net/unveiling-obfu…

Latest #malware samples linked to #nitrogen campaigns appear to share code similarities with the recently discovered ransomware #lukalocker. Nitrogen previously delivered #ALPHV / #BlackCat. Potential proprietary development of BlackCat's former affiliates.

If they keep doing it, it means it's working. Be careful of #virgilio #italy #phishing #credentialtheft... zip -> pdf -> URL -> #fake login

I tried to have a look inside the #wiper #malware previously reported (by Kevin and Costin) below 👇 My personal speculations lead me to think of #TA402 but very uncertainly. emanueledelucia.net/hey-eset-wait-…

#Agcom #PiracyShield #Google. There is a lot of talk about #whitelist, but what are they really, and how complicated is it to apply them to a complex system? Where do you usually start in order to avoid accidental blocks? I explored the topic on my personal blog: emanueledelucia.net/whitelist-di-s…

#Fortinet #FortiGate #Belsen #Dataleak impact, as a percentage, by sector on #Italia - Note that years have passed between the allegedly exploited vulnerability (CVE-2022-40684) and the release of this archive. How long have the bad guys had this data?

francescofaenzi (@francescofaenzi) 's Twitter Profile Photo

What can go wrong? VanHelsing ransomware builder leaked on hacking forum + Curated prompts for Jules, an async coding agent from Google Labs (or Codex, or Devin, choose yours). github.com/google-labs-co… x.com/Manu_De_Lucia/… #TrustEverybodyButCutTheCards