Maik Morgenstern (@triggermehappy)'s Twitter Profile
Maik Morgenstern

@triggermehappy

Independent Researcher.
Reverse Engineer.
Former CTO @avtestorg

ID: 29041515

05-04-2009 19:13:34

1,1K Tweet

699 Followers

930 Following

Maik Morgenstern (@triggermehappy)

Another observation for the #anydesk case: If you compare the productname that is set for the executable you get the following two graphs: Malware on the left, actual AnyDesk files on the right. Malware used the string "anydesk" in only a few occasions.

Maik Morgenstern (@triggermehappy)

Based on x.com/cyb3rops/statu… I created 2 rules to cover more malware using the #anydesk certificate. Florian's rules detect 396 of 421 malware, 0 FPs for 560 legitimate AnyDesk files. My rules add coverage for 24 of the 25 undetected files, 0 FPs: github.com/mmorgens/yara/…

Maik Morgenstern (@triggermehappy)

All certification tests of AV-TEST in 2024 will be run under the AMTSO standard! Read more about my perspective about cyber security testing in the interview between me and AMTSO

Maik Morgenstern (@triggermehappy)

We collected all publicly reported cyber security incidents in Europe 2023 and put it into a report. Check it out! #threatintel #cybersecurity

Maik Morgenstern (@triggermehappy)

Scary stuff. Just checked our database at AV-TEST for the latest WdBoot.sys drivers we know. Looks like the faulty driver (check the filesize!) was introduced Feb 6th 2024, v4.18.24010.7. Drivers before that look fine.

Antje Padberg (@antjepadberg)

The AV-TEST Security Summit is underway and we are on the lookout for interesting IT security topics! #cybersecruity #informationsecurity #cybercrime

Maik Morgenstern (@triggermehappy)

Opened the AV-TEST Security Summit 2024 earlier today and just finished my talk about YARA. Spoiler: You still need EPP/EDR 😁 #100daysofyara #cybersecurity #endpointprotection

Maik Morgenstern (@triggermehappy)

What a fantastic day! Exciting talks in the morning during our AV-TEST Security Summit and then the most amazing AV-TEST Awards ever. Thank you for making this day a success and for being part of 20 years of AV-TEST!

Maik Morgenstern (@triggermehappy)

Excellent summary. I always think back to that SOC manager who I asked what they look for in sandbox reports: "The overall score. We just want to know whether it is malware or not!" It's the sad truth 😐😐😐

Maik Morgenstern (@triggermehappy)

The current #flareon11 scoreboard stats while I despair over challenge 7. 2462 people managed to complete the 1st challenge. The 2nd challenge already left 1500 people behind. Ch 5 was the next big test, stopping 400 ppl for now. And now Ch 7 is the next roadblock.

Maik Morgenstern (@triggermehappy)

OMG, Ch7 was cruel and Ch8 was all new stuff for me, but at least faster to solve ... Seeing the flag was extremely rewarding for both though! Only 2 more to go now #flareon11

Maik Morgenstern (@triggermehappy)

And done, achieved my goal for this year: Top 100! Lost so much time on 9, I was on the right way, but took a wrong turn and went deep down the rabbit hole. 10 was a nice final challenge! Special mentions for 5 and 7. Learned a lot and had lots of fun! #flareon11

Maik Morgenstern (@triggermehappy)

2 weeks ago I posted the first statistics for #flareon11 Went from 2462 participants who solved Ch1 to 3652 and from 3 finishers to 64! Challenge 2 is still the first tough test for many, only 43% of Ch1 solvers managed to do it. Followed by 5, 7 and of course the special ch9.
