.Kaspersky discovered a new malicious malware campaign targeting govt entities worldwide. Dubbed #DuneQuixote , the malware employs snippets from Spanish poems to maintain stealth and persistence, with the ultimate aim of cyber espionage.

Learn more 👇 bit.ly/3wdD3m1

🚨 GitHub and GitLab comments are being abused to push malware via Microsoft repo URLs.

Let's dive in:

George Hotz says that everyone should learn C and Assembly.

Pairing it with this Cheatsheet, Malicious document analysis.. and we're good to go.

fareedfauzi.github.io/2024/04/20/Mal…

Developing a maldoc is one of the best ways to understand how maldoc works. Make it easier for malware analyst analyze maldoc.

fareedfauzi.github.io/2022/11/20/Off…

My first blogpost and Analysis on a new #Ransomware called 'Donex'. Feel free to check it out🤘

dissect.ing/posts/donex/

Check out the recording of our second Red Team tool analysis stream where we continued looking at Havoc and Sliver C2 frameworks youtu.be/iaR66XEurOc?fe…

Not sure if this account has enough visibility, but my current employer is looking for 2 more red team members to join us (cc:azrultech ).

Also looking for
+ Threat Intel/Hunting
+ Forensics

DM me your resume/CV
Please share to someone who you might think would be interested

Paul Chin's courses on malware reverse engineering on Udemy are low-key a good tutorial for beginner.

udemy.com/user/paulchin/

🚨WithSecures discovers a novel Russian APT backdoor🚨

Mohammad Kazem, one of our W/Intelligence researchers, links the backdoor to the Sandworm group, a notorious Russian nation-state actor.

🔗labs.withsecure.com/publications/k…

#Malware #Kapeka #Research

sandworm now APT44
services.google.com/fh/files/misc/…

People ask why I haven't spoken at conferences in the last four years. In fact, my decision was made in 2022 for several reasons:

1. Due to the nature of my work (Windows/Hypervisors/Browsers exploitation), I cannot comment or present anything (and it isn't recommended).

2. The

On March 25, the FBI released an indictment of APT31 hackers. We read it carefully to find new intel, and managed to connect a few dots (including about the RAWDOOR malware family).

Full article and IOCs: harfanglab.io/en/insidethela…

Playlist of #JSAC2024 presentations in English now available here. Stay tuned for #JSAC2025 ! ^MT
youtube.com/playlist?list=…

Been slowly adding small programs that help me when teaching malware analysis - most programs in c/c++

👓 github.com/jstrosch/learn…

Example, a program that implements the PEB-walking technique to resolve imports.

github.com/jstrosch/learn…

👇

register for a free workshop on malware analysis and development with me and Uriel Kosayev !
us06web.zoom.us/webinar/regist…

Fresh from Binarly REsearch team: We’ve completed an in-depth analysis of the #XZbackdoor , from initialization to the main hook enabling remote access.

Dive into our validated breakdown of techniques and backdoor functionalities, complete with proofs.
github.com/binarly-io/bin…

New from @binarly:

The process of infecting XZUtils with backdoor code is well documented. This research is on the backdoor itself and provide in-depth analysis from both static and dynamic perspectives

github.com/binarly-io/bin…

xz backdoor analysis by Kaspersky

securelist.com/xz-backdoor-st…

Looks like someone dropped a Linux kernel 0day
github.com/YuriiCrimson/E…