Andrea Naspi (@andreanaspi)'s Twitter Profile
Andrea Naspi

@andreanaspi

Msc Cybersecurity at @SapienzaRoma | Threat Hunting | Malware Analyst @nozominetworks

ID: 1001976816

10-12-2012 16:17:07

292 Tweet

178 Followers

537 Following

sigma (@sigma_hq)

We're pleased to announce the launch of our new website

Access resources, documentation, and community projects to enhance your experience with the Sigma Rule Standard

Special thx to Αⅼех for the hard work!

Blog: medium.com/sigma-hq/intro…
Explore now: sigmahq.io
Jonny Johnson (@jsecurity101)

It’s very common for us to see offensive tooling enable SeDebugPrivilege so that they may bypass certain OS checks. However, what does this mean? Which OS checks are skipped? I dove into this and decided to write a blog on it. Check it out! bit.ly/3trYxdg

Yeti (@yeti_sec)

Tried hunting for DarkGate servers?

Try using this search term on Censys. ->
(Autoit3.exe) and services.service_name=`DARKGATE`

Censys: 10 results

#darkgate #threathunting #malware #threatintelligence #threatintel
mRr3b00t (@uk_daniel_card)

OK, this morning I'm going to go cruising with #Censys
############################
You all have very specific custom config
#############################
"Very Secure FTP Daemon"
HTML Fingerprint
HTML Title: "404 That's an Error"

8.130.12.120
47.251.45.4
86.57.172.226
Andrea Naspi (@andreanaspi)

#Honeypots are essential tools for threat hunting, primarily used to lure #cyberattackers. They can also help warn that an intrusion attempt is happening, and improve our understanding of #threats.

Learn how to set up & use an #IoT #honeypot: ow.ly/E2t050QcBti
Andrea Naspi (@andreanaspi)

#GoTitan #botnet samples available on VT, have a good hunt!

9f639212aa8f31b4bf45adb9a8008502
e32a5b9c58c3e40d2246b7774cb4fb33
Andrea Naspi (@andreanaspi)

Good news for #obfuscator/#packer researchers, the complete #VMProtect (v3.5.1) source code has just been leaked! 🔥

e41e4c6048abddeb5f3652bfb5036927f3e49b4a02b558d72839c9ebcf2c7e98
First submission: 2023-12-07 08:38:30 UTC
Andrea Naspi (@andreanaspi)

As P2PInfect raises #cybersecurity concerns, our Labs team identified a strain of #P2Pinfect that targets a new #IoT architecture – ARM.

Read this blog to learn about recent P2PInfect worm operations & behavior, and the implications for digital #security: ow.ly/7C9E50QrH7C
0verfl0w (@0verfl0w_)

Our latest post has just gone live! In this one, we're looking at using Capstone Disassembler, Unicorn Emulation Framework, and Python to defeat encrypted stack strings within a Conti ransomware sample 0ffset.net/reverse-engine…

Andrea Naspi (@andreanaspi)

#CISA updated its #BRICKSTORM advisory with an additional #Yara rule to detect the Rust variant of the backdoor.

Since referenced samples weren’t on VT, with Javier Rascón we hunted down others, finding virustotal.com/gui/file/45313…

Still zero detections on VT! Happy hunting 🍷