Merry Christmas / Happy Chanukah to all my friends! From myself & Vitali Kremez visiting in Miami! 🎄

✅When I was writing the last RE course lesson, I credited and thought a lot remembering Jay Rosenberg's excellent presentation from confidenceconf on 'Utilizing YARA to Find Evolving Malware'
🙂I highly recommend watching it for YARA code reuse zen -> youtube.com/watch?v=XMZ-c2…

2019-11-14: Let's Learn: [Last 12th Session of RE Course] ' #YARA Hunting for Code Reuse: “(Bit)|(Doppel)Paymer” #Ransomware & “ #Dridex ” Kinship Family' |
Writing YARA Code Reuse Rules that Last |
🔦Dridex API Hashing -> #BitPaymer & #DoppelPaymer & Loader
sentinelone.com/blog/yara-hunt…

Android Spy that signs you for SMS premium subscription (€6,71 per week) found in 24 apps on Google Play with 472,000+ installs

-campaign started in June 2019
-targets 37 countries
-can steal victim SMS, contact list + perform AdFraud
Found by smtnk
medium.com/csis-techblog/…

2019-09-02: 🎖️ #HackingTeam Soldier Windows Implant #Malware Fork
Disguised as 'ado64/Intel Corporation'🤔
🔦HackingTeam Leak -> SoliderWin project [LANG 40] -> Italy 🇮🇹
'[Crisis]: Network activity inhibited'
Ref: twitter.com/oguzpamuk/stat…

I'm publishing some 🔥 research today, a major design flaw in Windows that's existed for almost *two decades*. I wrote a blog post on the story of the discovery all the way through to exploitation.
googleprojectzero.blogspot.com/2019/08/down-r…

Proud of Mohsan & Dani Goland for killing it!!!!

Wow, wasn't expecting a crazy line for Mohsan's and my talk..

For everyone that couldn't get in, I'll share the slides later tonight.
Cloud Village
#DEFCON27

Virusbay blog is finally up!
We begin with decryption of #Whiterose ransomware / by void m4p(): blog.virusbay.io/2019/08/05/how…
and additional 2 parts blog / by 0verfl0w, who’s also one of our Divers, about #Turla KLSL0T!
Enjoy!

VOGUE Germany interviewed me for their Business issue! Achievement unlocked. 🤩

I absolutely hate the picture they chose but who cares I’M IN VOGUE BITCHEES ✨✨

Well, Vitali Kremez & Ido Naor attribute this ransomware to me because they don’t think else anyone would include “Gucci gang” in the ransom note. Caught me! 😂😂😂
#attributionthroughraplyrics

#NoMoreActorName

This story, trending at #number1 Forbes and ForbesEurope, has been updated with further information from Vitali Kremez, one of the researchers who reversed engineered #trickbot . I'm still awaiting a statement from Microsoft.

#Windows10 #infosec #UPDATE

forbes.com/sites/daveywin…

The abrupt termination of TrueCrypt in 2014 always fascinated me. The vague, lame explanation and the push toward closed-source alternatives just didn't make sense.
Then, in DigitalRevolution's leak, one of the projects - 'Наставник' is safely suggesting the use of TrueCrypt 7.1a

The Andariel group seems to be active again. They seem to have stolen Korean security company certificates.

boannews.com/media/view.asp… (Korean)

✨Big Announcement✨

After almost one year of building, preparing, and operating successfully but quietly, I am proud to finally tell you that I am ...

Launching my new company!

I promised a training page with weird design attempts so here it is: training.azeria-labs.com

Area 51 Special Edition. 👽

Come watch Mohsan and I battle in the clouds 😎
Cloud Village DEF CON