M4lcode (@m4lcode) 's Twitter Profile
M4lcode

@m4lcode

Threat Researcher @DeXpose | Blog Author @ ANY.RUN & @cyber5w | Malware Researcher & CTI

ID: 1627422920652759041

Link: https://m4lcode.github.io
Joined: 19-02-2023 21:41:24

162 Tweets

469 Followers

231 Following

M4lcode (@m4lcode)

Fake job interviews are a growing attack vector. One example here is InvisibleFerret, a malware from North Korea that targets tech professionals. See detailed analysis of its code and collect IOCs to avoid infection by Mauro Eldritch 🏴‍☠️ any.run/cybersecurity-… ANY.RUN

M4lcode (@m4lcode)

Excited to share that ANY.RUN now supports Android OS inside its interactive sandbox! You can analyze APK behavior in real time, right in the cloud.

🔥 Available for ALL plans (yes, even free!).

📷 Let’s check it out together! app.any.run/?utm_source=x_…

Gameel Ali 🤘 (@malgamy12)

We’re excited to announce the launch of malops.io, a platform built by analysts, for analysts, and it’s completely free.
You can join and enjoy our first challenge about RokRat Loader.

M4lcode (@m4lcode)

#clickfix #booking #fakecaptcha
bokparthub[.]click → (Under Construction)

apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx
Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)

M4lcode (@m4lcode)

Open directory spotted: 20.243.255[.]185
Hosting multiple suspicious files, including:

shell_le: Metasploit ELF payload - recently submitted to VirusTotal.

true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal.

main_mips: ELF binary flagged

Mohamed Sultan (@msult4n)

Just published a new blog post on how Microsoft’s “Mouse Without Borders” can be abused for data exfiltration & lateral movement. Features KAPE Target, C# scripts, and a BOF as a PoC: 0xsultan.github.io/dfir/Exfiltrat…

Muhammad Hasan Ali (@muha2xmad)

As-salamu Alaykum. I wrote 3 #yara rules about #RedLine stealer, #ArrowRAT, and #MilleniumRat.
RedLine: github.com/muha2xmad/yara…
ArrowRAT: github.com/muha2xmad/yara…
MilleniumRat: github.com/muha2xmad/yara…

Thomas Roccia 🤘 (@fr0gger_)

👀 OpenSource Malware: an open database for tracking malicious open-source packages from npm, PyPI, GitHub repos!

Great source of intel feed for supply-chain attacks! 👇

opensourcemalware.com

RussianPanda 🐼 🇺🇦 (@russianpanda9xx)

Good morning! ☀️ #GootLoader woke up and chose violence (again) Grab your coffee, this one's JUICY 💣 huntress.com/blog/gootloade…

M4lcode (@m4lcode)

🔴 Live stream alert!

Join Mauro Eldritch to dissect FunkLocker; AI-powered #FunkSec ransomware behind 120+ attacks across North America and Asia.

🕒 Time: Nov 12, 3:00 PM UTC

🔔 Set a reminder: youtube.com/live/PiWOtiYs2…

ANY.RUN

ANY.RUN (@anyrun_app)

🔴 LIVE from inside #Lazarus APT's IT workers scheme.
 
For weeks, BCA LTD & NorthScan kept #hackers believing they controlled a US dev's laptop. In reality, it was our sandbox recording everything.
 
See full story and videos ⬇️
any.run/cybersecurity-…