#Nighthawk C2 framework #YARA rule raw.githubusercontent.com/fboldewin/YARA… #DFIR

github.com/vitoplantamura… => „BugChecker is a SoftICE-like kernel and user mode debugger, supporting Windows versions from XP to 11, both x86 and x64)“ #SoftIce #Debugging #Oldschool

Ever tried to reverse #NIM #Malware ? More fun, less pain with the new #IDAPro plugin from my buddy Holger Unterbrink. hex-rays.com/blog/plugin-fo…

Linpmem - physical memory acquisition tool for Linux github.com/Velocidex/Linp… Good job by Viviane Zwanger. #Forensics #DFIR

Slides, code and #YARA rules from the workshop I recently teached internally covering various aspects including C and Python API usage, tips & tricks when developing rules and 5 challenges and its solutions. Thanks Wesley Shields for reviewing the slides. #DFIR github.com/fboldewin/YARA…

#ESETresearch has released DelphiHelper, a plugin for #IDAPro that aids in analyzing Delphi binaries. Check it out on ESET’s GitHub: github.com/eset/DelphiHel…. Proud to be recognized among the notable submissions of the 2024 Hex-Rays SA Plugin Contest: hex-rays.com/blog/2024-plug…

This is Lazarus They just stole $1.46 billion from Bybit And they didn’t break the code — they broke the people Here’s untold story of how they did it (and why no one is truly safe) 👇

Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents. Overlap address: 0x33d057af74779925c4b2e720a820387cb89f8f65 Bybit hack txns on Feb 22, 2025:

Safe Wallet & Mandiant report on #Bybit hack. Good read!

github.com/microsoft/AI-R… The repo contains challenges for the labs in the course AI Red Teaming in Practice taught at BH 2024 teaching adversarial ML and Responsible AI failures, enabling a holistic approach to identifying potential issues before an AI system is deployed. 😎

These slides are the result of my learning journey on AI and RAG, a 2 weeks project in fall 2024. 4 Use cases: 1. Leaks Analysis 2. CTI Chatbot 3. PDF summarizer 4. IoC-extractor github.com/fboldewin/Empo… #CTI #AI #ThreatIntelligence

This recently published book on Securing AI Agents was a damn great read. Highly recommended! #AI #Security #Agentic