Check out a really fun way to honeypot applications :) intezer.com/blog/malware-a…

I know this is a dark moment in the real world, but I’d like to take a moment to sincerely thank and praise all of the threat intel research teams, independent researchers, journalists and onlookers that are sharing their insights and time. I’m honored and grateful to all of you.

Show some love to Threat Intelligence ESET Research Silas Cutler (p1nk) Stairwell Tom Hegel Brian Bartholomew Red Canary, a Zscaler company Cybersecurity and Infrastructure Security Agency Chris Bing Kim Zetter Joakim Kennedy Eric Geller and so many many more! This is when the threat intel industry is at its best.

GrimPlant and GraphSteel used in attacks against #Ukraine are part of a bigger #golang #malware framework. #TA471, #SaintBear, #UNC2589 #Lorec53 intezer.com/blog/research/…

Our recent publication - Elephant framework is being delivered in a targeted spear-phishing campaign using spoofed Ukrainian gov email. attributed to UAC-0056 (TA471, SaintBear) by CERT-UA. Full article with IOCs - intezer.com/blog/research/… Joakim Kennedy Nicole 🐘🐘

The Elephant Implant (GrimPlant) has been extended to include more "RAT" functionality. Upload/Download files, execute programs, fetch from URLs, create and list folders. 425e69953feda05c25bb5c922f23ac6e #TA471, #SaintBear, #UNC2589 #Lorec53 cert.gov.ua/article/39882 🔥🔥

Good morning San Francisco! All those at #BSidesSF please join talks from Nicole && Avigayil Mechtinger with myself! It will be a good time! 1:30pm today && 1:30pm tomorrow.

Attending FIRST22 next week? I'll be hosting an advanced #golang reverse engineering workshop on Monday. first.org/conference/202…

#YTStealer is a new #malware that targets YouTubers ▪️ Objective = steal authentication cookies from YouTube content creators ▪️ Likely sold as a service on the Dark Web ▪️ Part of greater trend of threat actors selling access to YouTube accounts intezer.com/blog/research/…

New undetected Linux #malware: OrBit 💫 OrBit uses unique methods to hijack the execution flow, evade detection, gain persistence, provide remote access capabilities and information stealing intezer.com/blog/incident-… #Linux

-Do you work for a SOC? -Does your security team rely on MDR services? OR -Did you recently register for a free Intezer account? If the answer is yes to one of those questions, we'd love to interview you! $50 Amazon gift card as thanks and no sales pitch, promise! DM us 🙏

Part 2 of Malware Reverse Engineering for Beginners is finally out! In this blog, Nicole dives into packed samples, what packed malware is, why packers are used, and how to unpack samples with hands-on examples: hubs.li/Q01CNMb_0 #reverseengineering

people often talk about the malware that they find on virustotal. But seldom to they share the love letter executables 💔💔💔💔💔💔💔💔💔 Let's share one from Brazil 🇧🇷 [1/7] 🧵

🚨 The FBI has made a significant breakthrough, dismantling the infrastructure of a huge botnet proxy network and securing a guilty plea from the mastermind responsible. Intezer's research here assisted: intezer.com/blog/research/… #malware #incidentresponse #soc #cybersecurity

Our researchers have uncovered an APT we dubbed "WildCard." Originating from the #SysJoker lineage, the novel RustDown malware showcases sophisticated methodologies and is linked to Operation ElectricPowder, signaling a targeted offensive against Israel's critical infrastructures