Are you a cool hacker? ✨Look at you; of course you are! 😏Present your most recent findings, or come talk to us about your expertise at NorthSec 2024! The call for papers is now online ✨😽 nsec.io/cfp/

Es-tu un cool hacker professionnel? ✨Bien sûr que oui! 😏Viens donc nous jaser de tes recherches les plus récentes ou de ton expertise à notre édition de NorthSec 2024! Le call for papers est maintenant en ligne ✨😽 nsec.io/cfp/

To read a detailed analysis of the techniques used to infest packages uploaded to PyPI and about the backdoor, head over to welivesecurity.com/en/eset-resear…. 6/6

Startup idea: WAF for VPN appliances forums.ivanti.com/s/article/CVE-…

#ESETResearch is releasing Nimfilt, an #IDAPro plugin to help reverse engineering #Nim malware – a language increasingly used by both the red-teaming community, and malware developers. Nimfilt demystifies Nim's custom mangling scheme. github.com/eset/nimfilt @[email protected] 1/3

#Breaking #ESETresearch releases a paper about Ebury, among the most advanced server-side Linux malware, which was deployed to 400,000 servers over the course of 15 years, primarily for financial gain. Marc-Etienne M.Léveillé welivesecurity.com/en/eset-resear… 1/8

This week we @ESETResearch published a very dense report on one of the most complex Linux server-side threat, Ebury. We uncovered some of the tactics used to monetize this huge botnet, and try to explain how this threat is able to stay under the radar.

Today at 1pm EST I will be presenting NorthSec some of our findings on Ebury, a server-side Linux botnet that compromised 400k servers in the last 15 years for financial gain. See you there or online! #nsec24

To use the Montreal subway, you tap a paper ticket against the turnstile and it opens. But how does it work? And how can the ticket be so cheap that it's disposable? I opened up the tiny NFC chip inside to find out more... 1/15

Looks like Apple’s dyld team implemented my suggested fix as-is 🙌 I’m guessing the change might not be backported to avoid breaking anything that might depend on the previous behaviour.

We are looking for a strategic threat intel analyst to join ESET Research. Interested in cyber-espionage and geopolitics? Apply! ca.linkedin.com/jobs/view/anal…

A few days ago, Pidgin Instant Messenger Pidgin Instant Messenger published a notification about a malicious plugin (ScreenShareOTR) found in a third-party plugin list. #ESETResearch investigated these plugins and confirmed that they indeed contain malicious code, which downloads and executes

It seems a malicious Pidgin plugin isn’t the only way the perpetrators are spreading malware. Cradle, an instant messaging app promising “anti-forensic” software, sports the same backdoor as ScreenShareOTR, and has been available for download since September 2023. 1/7

Hackers rejoice! We are releasing the Phrack 71 PDF for you today! Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue! The CFP is still open, you can find it and the PDF link at phrack.org