So, I did this stream against my better judgment. I had fun and there were some great questions. As expected, I received quite a few DM's from haters. I won't name and shame as I really couldn't care; rather, I wanted to share the following as an optimistic message in regard to

The eighth article (62 pages) of Malware Analysis Series (MAS) is available on: exploitreversing.com/2024/08/07/mal… I am actively writing the following articles: 01. ER_03 (Hyper-V) 02. ER_04 (MacOS/iOS) My focus is on writing articles in the Exploiting Reversing series (ERs), which is a

🔥Here's a quick note on how I extracted and analyzed an 👹unknown Python #stealer embedded in a #PyInstaller executable. kienmanowar.wordpress.com/2024/08/10/qui…

x.com/i/article/1823…

We’ve got some excellent IDA Pro online trainings in September! 🎓 Intermediate: Sept 10-12 🎓 Advanced Programming for IDA: Sept 18-19 🎓 Advanced Malware Techniques: Sept 24 🎓 Advanced Decompiler Techniques: Sept 25-26 Register now🔗 eu1.hubs.ly/H0bK3Vd0 #LearnIDA #idapro

So far, I have written 706 pages to help the security community. My goal will be writing new articles of the Exploiting Reversing Series (ERS), which is focused on security research. However, I am planning to write one or two additional articles of my previous series MAS (Malware

I am happy to share a new resource I recently created called The Ransomware Tool Matrix: 🔗 blog.bushidotoken.net/2024/08/the-ra… #CTI #ThreatHunting #ThreatIntel #Ransomware

Russia-based cyber hacktivists claim to have compromised Zoom. Let's review the data. tl;dr not compromised, but kind of depressing to review Size (uncompressed): 1.49MB Total files: 5 Unusually small size of a 'compromise' from a Fortune 1000 company, right? What's in this

New macOS malware. :) DPRK. Spent some time reversing the dropper written in Swift/SwiftUI. Here’s the deep dive: kandji.io/blog/todoswift…

The time has come, and with it your reading material for the week. Phrack #71 is officially released ONLINE! Let us know what you think! phrack.org/issues/71/1.ht…

Wow, my PR for improving the anti-anti-debugging feature has been merged! Thanks, fG! github.com/gdbinit/lldbin… #macOS #MalwareAnalysis #DFIR

Controlling System Integrity Protection using csrutil: a reference eclecticlight.co/2024/08/21/con… via Howard Oakley, Eclectic Light Co

Good, succinct and well organized article written by Olivia Gallucci. Worth reading: #toctou #racecondition #informationsecurity #programming #exploitation

"OpenSSH Backdoors" -- a few thoughts on supply-chain attacks against OpenSSH, and what we can learn from both historical and modern events. blog.isosceles.com/openssh-backdo…

Excellent work by Angelboy Angelboy. Definitely a recommended reading:

Approach to mainframe penetration testing on IBM z/OS securelist.com/zos-mainframe-…

herrcore Thanks for sharing, will watch your VOD later. Here is my quick note: kienmanowar.wordpress.com/2024/08/10/qui…

Just in case you need to list of the top protected processes on a live Windows system using WinDbg: #windbg #windows #microsoft #internals

In light of the issue page for CVE-2024-5274 being made public. Me and 1377 High-yield Nukes have decided to make our exploit public. It's a bit different than the issue page POC. github.com/mistymntncop/C…