Axel (@botlabsdev)'s Twitter Profile
Axel

@botlabsdev

Threat Research. I build stuff to hunt stuff. (Batteries not included) | side project ioc.one

ID: 1169152199496216577

Link: https://ioc.one | Date: 04-09-2019 07:36:30

67 Tweets

270 Followers

137 Following

Axel (@botlabsdev):

Verifying myself: I am botlabsdev on Keybase.io. IHwuz4seAZ8yC1MeuCySRCFVRYexDIT_F06W / keybase.io/botlabsdev/sig…

DCSO CyTec (@dcso_cytec):

Today we published “404 — File still found”, where we can confirm #SideWinder attribution and established even more relations between samples. medium.com/@DCSO_CyTec/40…

Axel (@botlabsdev):

Historical IP to ASN Mapper. The script is slow and more a PoC. I just put it here if someone else needs it. #threathunting #ASN gist.github.com/botlabsDev/60b…

DCSO CyTec (@dcso_cytec):

MSSQL, meet Maggie! In our latest blog post, we analyze 'Maggie', a novel backdoor for MSSQL servers, implemented as an Extended Stored Procedure and only controlled using SQL queries. medium.com/@DCSO_CyTec/89…

DCSO CyTec (@dcso_cytec):

Part 2: Tracking down Maggie DCSO Deutsche Cyber-Sicherheitsorganisation's Incident Response Team (DIRT) provides insights on how to detect the novel MSSQL malware “Maggie” in your environment. #DFIR #threat_hunting #sigma #yara #mssql medium.com/@DCSO_CyTec/tr…

DCSO CyTec (@dcso_cytec):

We took a quick look at a new stealer utilizing polyglot files. Check it out. #CyTec #ShortAndMalicious #StrelaStealer ➡️ medium.com/@DCSO_CyTec/sh…

DCSO CyTec (@dcso_cytec):

Check out our new blog post! This time we analyse and follow HZ Rat. A previously undocumented malware delivered through malicious documents and self extracting archives. We tracked the campaign and identified a lot of C2 servers. medium.com/@DCSO_CyTec/50… #HZRat #DCSO #CyTec

Axel (@botlabsdev):

Working with Johann Aydinbas on our next #ShortAndMalicious post was a lot of fun as always 😁 Check it out below! #PikaBot #iPikaBot #DCSO #CyTec

Axel (@botlabsdev):

I converted the new threat actor naming taxonomy from Microsoft (Microsoft Threat Intelligence) to json in case someone else needs the data in a machine readable format. gist.github.com/botlabsDev/e23… #threatintel #research #apt

DCSO CyTec (@dcso_cytec):

The recent #XZBackdoor caused a lot of agitation in the Open Source Community. Today we publish a #ComprehensiveOverview what happened and how to check your system for affection. Read more at medium.com/@DCSO_CyTec/fb… #DCSO #DRIF #Cyber

ioc.one (@ioc_one_):

#ProgressUpdate The project now uses a staging system 🥳. This prevents me from debugging in production and can be considered an investment into stability! The cat likes it! #ioc_one #cti
