Malchanic (@malwaremechanic)'s Twitter Profile
Malchanic

@malwaremechanic

Malware and stuff

ID: 24587186

Joined: 15-03-2009 21:14:26

136 Tweets

2.2K Followers

434 Following

Willi Ballenthin (@williballenthin):

after months of development, capa v2.0 is released! new features make it easier than ever to contribute rules that describe capabilities seen in malware. particular thanks to Moritz, Mike Hunhoff, Ana María Martínez Gómez and _re_fox for dozens of features & rules each fireeye.com/blog/threat-re…

Omar Sardar (@osardar1):

The FLARE Team & Mandiant (part of Google Cloud) now have Summer 2022 #internships open! The FLARE Team is specifically looking for the following roles: 🔸Malware Reverse Engineer: jobs.smartrecruiters.com/FireEyeInc1/74… 🔸Research Engineer: jobs.smartrecruiters.com/FireEyeInc1/74… 🔸Vulnerability Engineer: jobs.smartrecruiters.com/FireEyeInc1/74…

Adrien B (@int2e_):

Malware using CLFS logs to hide a payload? Check out this analysis by myself and Malchanic on some tricky malware we named PRIVATELOG and a related utility/installer called STASHLOG. fireeye.com/blog/threat-re…

Malchanic (@malwaremechanic):

Do you hear that?... It's almost here!! Get ready to: - 🍴Eat - 😴Sleep - 👾Reverse - ♾Repeat 👾🥳👾 #FLAREOn8 👾🥳👾

Malchanic (@malwaremechanic):

FLOSS v2.0 just dropped!! This release is packed full of updates and deobfuscates even more strings! mandiant.com/resources/flos…

Jiří Vinopal (@vinopaljiri):

Gameel Ali 🤘 [2/2] you got the last native loader, which will be hosting .NET to be able to load the "redline" code, which is written in .NET. If you want to process the unpacking of these sh*t .NET-loading payloads really quickly, use dnSpy. Load the original native sample, set a module breakpoint - bam

Mike Hunhoff (@mehunhoff):

🚨 Today we're excited to release Ghidrathon, a Ghidra extension that adds modern Python 3 scripting (including Python 3.10) to Ghidra! Blog 👉 mandiant.com/resources/blog… GitHub 👉 github.com/mandiant/Ghidr…

Malchanic (@malwaremechanic):

What better way to finish off the year than a fresh release of FLARE VM?! 🥳 This release focuses on empowering community contributions and automation. Get it while it's hot 🔥🔥🔥 mandiant.com/resources/blog…

Mike Hunhoff (@mehunhoff):

🚨 capa v5 release is out! Great improvements with big additions for .NET binary analysis. Did you know that capa displays the method token + instruction offset for each .NET match? You can use this info to find the matched location in dnSpy helping focus your analysis!

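
The tweet above describes using capa's method token + instruction offset to jump to a match in dnSpy. The script below is an added example, not capa's or Mandiant's own code: it parses capa's JSON (`capa -j`) output for a .NET sample and turns each match location into the token that dnSpy's "Go to MD Token" (Ctrl+D) accepts, plus the IL offset to scroll to. Assumptions, labelled in the code: the JSON shape follows capa's result document as I understand it for v5 (`rules[name].matches` is a list of `[address, match]` pairs, and .NET addresses use type `"dn token"` with the token as value, or `"dn token offset"` with `[token, offset]`); `CAPA_JSON` is a constructed, trimmed sample, not real capa output.

```python
"""Turn capa .NET match locations into dnSpy-friendly method tokens + IL offsets.

Added example, not capa's own code. Assumptions: the JSON layout below follows
capa's v5 result document as understood by the author of this example; the
embedded CAPA_JSON is constructed sample data, not output from a real run.
"""
import json

# Constructed sample of `capa -j` output, trimmed to the fields used here.
# Token values are decimal because JSON has no hex literals:
# 100663298 == 0x06000002, 100663299 == 0x06000003.
CAPA_JSON = r'''
{
  "meta": {"analysis": {"format": "dotnet"}},
  "rules": {
    "compiled with .NET": {
      "meta": {"name": "compiled with .NET", "scope": "file"},
      "matches": [[{"type": "no address", "value": null}, {}]]
    },
    "resolve function by parsing PE exports": {
      "meta": {"name": "resolve function by parsing PE exports", "scope": "function"},
      "matches": [[{"type": "dn token", "value": 100663298}, {}]]
    },
    "decrypt data using RC4 KSA": {
      "meta": {"name": "decrypt data using RC4 KSA", "scope": "basic block"},
      "matches": [
        [{"type": "dn token offset", "value": [100663299, 16]}, {}],
        [{"type": "dn token offset", "value": [100663299, 58]}, {}]
      ]
    }
  }
}
'''

# ECMA-335 metadata table numbers carried in the high byte of a token.
TABLE_NAMES = {
    0x02: "TypeDef", 0x04: "Field", 0x06: "MethodDef",
    0x0A: "MemberRef", 0x2B: "MethodSpec",
}


def split_token(token):
    """Return (table_number, rid) for a 4-byte metadata token."""
    return token >> 24, token & 0x00FFFFFF


def format_location(token, offset=None):
    """Render the way capa prints .NET locations, e.g. token(0x06000003)+0x10."""
    text = f"token(0x{token:08X})"
    if offset is not None:
        text += f"+0x{offset:X}"
    return text


def dotnet_match_locations(capa_json_text):
    """Collect every match that carries a .NET token, skipping file-scope matches."""
    doc = json.loads(capa_json_text)
    locations = []
    for name, rule in doc["rules"].items():
        for address, _match in rule["matches"]:
            kind, value = address["type"], address["value"]
            if kind == "dn token":          # function-scope match: token only
                token, offset = value, None
            elif kind == "dn token offset":  # basic block / instruction match
                token, offset = value
            else:
                continue  # "no address" etc.: nothing to jump to in dnSpy
            table, rid = split_token(token)
            locations.append({
                "rule": name,
                "token": token,
                "table": TABLE_NAMES.get(table, f"table 0x{table:02X}"),
                "rid": rid,
                "offset": offset,
                "location": format_location(token, offset),
            })
    return locations


if __name__ == "__main__":
    # In dnSpy: Edit > Go to MD Token (Ctrl+D), paste the token, then find the IL offset.
    for loc in dotnet_match_locations(CAPA_JSON):
        print(f"{loc['location']:<26} {loc['table']} RID {loc['rid']:<5} {loc['rule']}")
```

Sanity checks worth keeping in mind: a token whose high byte is not 0x06 is not a method and will not resolve via "Go to MD Token" as a method body, so the table name is printed alongside; and the offset is an IL offset into that method, not a file offset, so use dnSpy's IL view (or the decompiled view with IL offsets shown) when scrolling to it.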
Mike Hunhoff (@mehunhoff):

capa explorer integrates capa’s automated capabilities detection seamlessly with IDA Pro. The plugin aims to focus your reverse engineering efforts, especially when analyzing malware. Check it out and let us know what you think!