Pepper (@femmeshoto) Twitter Tweets • TwiCopy

Our final talk for today is from Kimberly and Genevieve Stark, who will be discussing a common loader called SHELLSTING, also known as Bumblebee. #BRUNCHCON

Our final talk for today is from <a href="/tiskimber/">Kimberly</a> and Genevieve Stark, who will be discussing a common loader called SHELLSTING, also known as Bumblebee. #BRUNCHCON

thumb_up_off_alt21

chat_bubble_outline1

repeat5

shareShare

SLEUTHCON

@sleuthcon

3 years ago

Genevieve shares a few common clusters around SHELLSTING, including follow-on payloads like Vidar (which was also discussed by Christopher Glyer. #BRUNCHCON

Genevieve shares a few common clusters around SHELLSTING, including follow-on payloads like Vidar (which was also discussed by <a href="/cglyer/">Christopher Glyer</a>. #BRUNCHCON

thumb_up_off_alt3

chat_bubble_outline1

repeat1

shareShare

Matthew Conway

@svcghost

3 years ago

Now Kimberly and Genevieve Stark on the SHELLSTING loader, which could be a replacement for BazarLoader

Now <a href="/tiskimber/">Kimberly</a> and Genevieve Stark on the SHELLSTING loader, which could be a replacement for BazarLoader

thumb_up_off_alt12

chat_bubble_outline1

repeat3

shareShare

Pepper

@femmeshoto

3 years ago

#parrot tip: feed your birds a "chop" - a healthy mix of grains and diced vegetables. This provides daily foraging activities as they pick around the vegetables as expertly as a toddler.

thumb_up_off_alt5

chat_bubble_outline0

repeat2

shareShare

visi stark

@invisig0th

3 years ago

What new year's party would be complete without a cocktail menu? 😁 drive.google.com/file/d/1p00En9…

thumb_up_off_alt7

chat_bubble_outline0

repeat1

shareShare

SLEUTHCON

@sleuthcon

3 years ago

Mandiant cybercrime experts Kimberly and Pepper took a good look at SHELLSTING (AKA BUMBLEBEE), which appears to have replaced the use of BAZARLOADER among ransomware crews. 5/x youtu.be/pIXl79IPkLI

thumb_up_off_alt9

chat_bubble_outline1

repeat5

shareShare

Registration and Call for Papers is now open for SLEUTHCON! From the folks who brought you CYBERWARCON, SLEUTHCON (formerly BRUNCHCON) is a cybercrime-focused conference coming May 12th to Arlington! Please RT! 1/x sleuthcon.com

thumb_up_off_alt78

chat_bubble_outline1

repeat54

shareShare

Pepper

@femmeshoto

3 years ago

Excited to report that our fincrime team now has a shark-uterie board. Because reasons.

thumb_up_off_alt29

chat_bubble_outline1

repeat0

shareShare

Pepper

@femmeshoto

3 years ago

thumb_up_off_alt30

chat_bubble_outline2

repeat0

shareShare

Pepper

@femmeshoto

3 years ago

The week after finalizing one of our team's biggest reports of the year.

thumb_up_off_alt16

chat_bubble_outline2

repeat1

shareShare

Pepper

@femmeshoto

3 years ago

Sometimes new evidence provides justification to merge threat clusters. Other times, geech 👽👾 be like...

thumb_up_off_alt6

chat_bubble_outline1

repeat0

shareShare

visi stark

@invisig0th

3 years ago

7 yrs ago John Rodgers and i founded The Vertex Project with a DARPA mission to empower intelligence analysts. In the last 2 years, we have 4X'd our # of customers. Every single one is high-impact. Thanks for the amazing support and feedback! Keep it coming, we're just getting started!

thumb_up_off_alt77

chat_bubble_outline6

repeat8

shareShare

Joe

@jinx_soda

3 years ago

"Mandiant has observed wide exploitation of a zero-day vulnerability in the MOVEit Transfer secure managed file transfer software for subsequent data theft." UNC4857 observed actively deploying the LEMURLOOT webshell post-exploitation. mandiant.com/resources/blog…

thumb_up_off_alt74

chat_bubble_outline1

repeat45

shareShare