FakeNet tip: If your malware might be downloading and launching a PE via HTTP, rename the default file FakeNetMini.exe to FakeNet.html and FakeNet will serve an exe instead of HTML. You can then watch it execute and produce a message box. This has saved me a bunch of time.

Just published a blog with Trevor Haskell about some analysis we did together. fireeye.com/blog/threat-re…. Bookmark it and use as a reference if you need to set up a Windows domain.

capa had been open sourced just before Willi Ballenthin and Moritz presented it at #DFIRSummit! 🥳🎉 So excited to be able to show the world this amazing tool I have been working on as part of my internship at @FireEye 😍 github.com/fireeye/capa #opensource #community

after months of development, capa v2.0 is released! new features make it easier than ever to contribute rules that describe capabilities seen in malware. particular thanks to Moritz Mike Hunhoff Ana María Martínez Gómez and _re_fox for dozens of features & rules each fireeye.com/blog/threat-re…

I'm teaching Malware Analysis Fundamentals at #BHUSA on August 6–9, 2022 with Nick Harbour. Learn more. mndt.info/3o4JfFt

🚨 Check out the new #BehindTheBinary Podcast hosted by Josh Stroschein | The Cyber Yeti !🎙️ Dive into the stories of those unraveling technology's complexities. Listen to the first episode with nickharbour, a #ReverseEngineer on the Mandiant FLARE team. 🎧 open.spotify.com/show/3yWgmIuhW…

🎙️ The next episode of the #BehindTheBinary podcast is here! Victor Alvarez, the creator of #YARA, joins us to talk about his early career, what motivated him to create YARA, and the role the community has played in its development. open.spotify.com/episode/6qQsPU…

🎙️ The next episode of #BehindTheBinary is here! In this episode Ryan Chapman joins the podcast to discuss how his early fascination with software cracking ignited a passion for reverse engineering, threat hunting, and much more! 👇 open.spotify.com/episode/6xsX2s…

FLARE is releasing a tool today that I've been working on over this year that helps break down binaries into smaller functional clusters and uses Gemini to describe their relationships, behavior and the overall malware functionality. It's called XRefer and it is out for you to

A threat hunter at Palo Alto Networks, Ryan Chapman chats with Josh Stroschein | The Cyber Yeti from Google’s FLARE team on #malware evolution in the latest Behind the Binary episode. 🎧 Listen now → spoti.fi/49AajDq #ThreatHunting #Cybersecurity

My team is hiring google.com/about/careers/…

hex-rays.com/blog/ida-free-…

Level up at #DEFCON with Google and Mandiant (part of Google Cloud). ⬇️ Pick your workshop and learn more: goo.gle/469yGbn

#flareon12 is coming in hot and fast this year and will only run for 4 weeks this year instead of the usual 6. Don't miss it! flare-on.com

The next episode of Behind the Binary is here! Getting ready for FLARE-On 12? Not sure what it even is? This episode is for you! We’re joined by long-time FLARE-On host and challenge author Nick Harbour and regular challenge author Blas Kojusner to give you an inside look at this

FLARE-On 12 is about to blow up your weekends: security.googlecloudcommunity.com/news-announcem… #flareon12

Timezones are hard, FLARE-On is harder! Apologies, challengers – #flareon12 had an unintentional early start. To keep things fair for everyone, we are pausing the competition. We're evaluating the situation and will provide an update around 10 AM ET.

Unfortunately, the #flareon12 unlocked early yesterday and some players got a head start. This will not effect the final standings as deltas will be applied to the player's final solve times (if they finish) to reflect the early access they received.

security.googlecloudcommunity.com/community-blog…

security.googlecloudcommunity.com/community-blog…