🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Dropped a new tool for malware researchers. It is used to continuously ingest, analyze, and alert on samples given a set of yara rules. Out of the box it works with abuse.ch MalwareBazaar recent uploads but it's modular so you can add more sources github.com/montysecurity/…

🦔 📹 New Video: Binary Refinery deobfuscation of a LummaStealer loader (PowerShell, JScript) youtube.com/watch?v=kHU_sP… #MalwareAnalysisForHedgehogs #PowerShell #JScript

Mildly irritating things seen by malware nerds: - Person saying {thing} evades EDR and/or AV, but they've never performed against an enterprise environment with an active Blue Team (they don't know what they're talking about). Yes, your payload avoided basic analysis, but stop

CISA found a backdoor in a patient monitor. Direct link to PDF: cisa.gov/sites/default/…

🔒CryptoTester v1.7.2.0 for #Ransomware Analysis 🔍 New algorithms, XChaCha20 split into Draft02/03, enhancements to RSA Calculator, new derive/hash algorithms, Keystream Finder tool, and bugfixes. github.com/Demonslay335/C…

Interpreting antivirus detection names. This article is still relevant, it has been rewritten/copied by some using AI, without giving credit. So I am gonna post it again. gdatasoftware.com/blog/2019/08/3…

Kidflix, one of the largest paedophile platforms in the world, has been shut down in an international operation against child sexual exploitation. ⏹️ Europol has supported authorities from 38 countries worldwide in shutting down the platform. More: europol.europa.eu/media-press/ne…

Podcast with Josh Stroschein | The Cyber Yeti and Jordan Wiens about: binary ninja, CTFs, AI, the future of cyber security open.spotify.com/episode/6tMYu7…

Unboxing Anubis: Exploring the Stealthy Tactics of FIN7's Latest Backdoor gdatasoftware.com/blog/2025/03/3…

How to use knowledge about .NET structures and streams for writing better .NET Yara signatures. E.g. IL code patterns, method signature definitions, GUIDs, compressed length. #100DaysOfYara #GDATATechblog G DATA Global #GDATA gdatasoftware.com/blog/2025/04/3…

After #flareon11 challenge 7, I got inspired to build tooling for #dotnet Native AOT reverse engineering. As such, I built a #Ghidra Analyzer that can automatically recover most .NET types, methods and frozen objects (e.g., strings). Blog:👉blog.washi.dev/posts/recoveri…

Excellent post on quick and dirty Lumma control flow deobfuscation using ghidralib and Python cert.pl/en/posts/2025/…

🦔 📹New Video: Analysis of Virut - Part I ➡️ self-modifying code ➡️ Ghidra markup decryption stub ➡️ API resolving ➡️ unpacking #MalwareAnalysisForHedgehogs youtube.com/watch?v=250Bxe…

"How I found Malware in a BeamNG Mod" An excellent article about hunting malware on a system with a suspected infection and analysis of a WebAssembly shellcode loader. lemonyte.com/blog/beamng-ma…