Gam4er

36 posts

Gam4er

@Gam4enko

ИБ, ИТ и котики

Moscow, Russia Beigetreten Eylül 2017

179 Folgt27 Follower

Gam4er@Gam4enko·11 Ağu

@_RastaMouse @TwoSevenOneT It seems like that

GIF

English

Gam4er@Gam4enko·11 Ağu

However, terminating the process isn't always convenient, especially if it's a critical system process that you don't want to disrupt. In the case of CLR code injection, a better approach is to load the malicious code into a new AppDomain and then unload that domain once it's done—leaving no lingering artifacts. This is how it's implemented in my code: github.com/gam4er/SneakyR… Process still running, but all artifacts disappeared

English

Rasta Mouse@_RastaMouse·9 Ağu

I wonder how many CS user have never thought about this - when you use explicit injection with an rDLL, what happens to it once it's finished? Nothing. It sits in memory until the process is closed.

English

162

17.5K

Gam4er retweetet

kl_secservices@kl_secservices·13 Eyl

Analyst report for IR cases from 2020 is available github.com/klsecservices/… #DFIR #incidentresponse #threathunting

English

Gam4er@Gam4enko·1 Mar

@ANDREW1ALBERTT He is wonderful, but IMHO, with this lovely color it is much better to be a British cat, than a puppy. Call him Barsik (popular cat name in Russia)

English

Gam4er@Gam4enko·27 Eki

@MalwareJake Don't worry, they just want to eat them

English

Jake Williams@MalwareJake·25 Eki

Why TF would scientists do this in 2020? They've been frozen for tens of thousands of years. Waiting until 2021 wasn't going to change anything...

English

285

Gam4er retweetet

kl_secservices@kl_secservices·6 Ağu

All incident response cases from 2019 in our yearly analyst report. Adversaries initial vectors, tools, #MITRE techniques and more. github.com/klsecservices/…

English

Gam4er retweetet

kl_secservices@kl_secservices·18 Haz

Manufacturing (CNC) security presented by @574rz on @SecurityWeek’s Singapore ICS Cyber Security Conference. Now watch your #CNC spindles and #industry40 closely! Slides are finally available. Whitepaper to be published soon. #icssecurity #otsecurity github.com/klsecservices/…

English

Gam4er@Gam4enko·28 May

@divernix Когда мне Гугл предлагает подобную дичь, то я рефлексирую: а не свернул ли я где-то не туда?

Русский

Nikita Rudenko@divernix·28 May

По-моему Google все:

Русский

Gam4er@Gam4enko·9 May

@divernix Еретик

Русский

Nikita Rudenko@divernix·15 Nis

Однако после суток самоизоляции с Win 10, заявляю – на фоне снижения качества железа и софта от Apple, переход на ThinkPad неизбежен.

Русский

Gam4er@Gam4enko·4 May

@jarnomn @gentilkiwi Mr Benjamin try to emphasize, that AV vendors sometimes can not detect/prevent the prosess of ectraction credentials, isn't it? Detecting just files are boring ;)

English

🥝🏳️‍🌈 Benjamin Delpy@gentilkiwi·3 May

Of course, not really Microsoft related

🥝🏳️‍🌈 Benjamin Delpy@gentilkiwi

#mimikatz (custom) on a fresh Windows 10 up to date

English

Gam4er retweetet

kl_secservices@kl_secservices·21 Şub

More on DCS security in our power plant automation research github.com/klsecservices/… from #36c3 talk media.ccc.de/v/36c3-10689-o…. Now with DIY assessment, wordlists and awesome visuals. tldr; learn to do basic assessment by yourself, ask uncomfortable questions, update your DCS

English

Gam4er@Gam4enko·30 Oca

@vysecurity Yep. Great tool

English

Vincent Yiu@vysecurity·30 Oca

Do people even use CACTUSTORCH? Wondering if it's worth releasing a new version, maybe not.

English

Gam4er retweetet

kl_secservices@kl_secservices·28 Ara

A guide on power plant automation and its security issues on #36c3 conference. Slides and tools from our talk github.com/klsecservices/… kudos to @repdet @_moradek_ @Alender911 @epotseluevskaya @zero_wf @574rz

English

Gam4er retweetet

kl_secservices@kl_secservices·3 Ara

Analysts’ predictions on growing corporate threats for 2020 #cloud #insiders github.com/klsecservices/…

English

Gam4er retweetet

kl_secservices@kl_secservices·14 Kas

Stories and lessons from Incident Response practice by Pavel Kargapoltsev on #ZeroNights 2019. Thanks for all the questions from audience and organisers for great event! Get the slides github.com/klsecservices/… ATT&CK inside! #DFIR #blueteam

English

Gam4er@Gam4enko·24 Eki

@alukatsky Алексей, а что тогда делать, чтобы новые технологии применялись? Похоже (и к лучшему) тактика "напугать заказчика" не работает ;)

Русский

Alexey Lukatsky@alukatsky·23 Eki

Обратите внимание на то, какие технологии защиты чаще всего используют компании по всему миру. Эти и другие цифры в новом исследовании Cisco - cisco.com/c/en/us/produc… (скоро и на русском языке)

Русский

Gam4er@Gam4enko·21 Eki

@divernix Да лааааадно. Есть пруфы?

Русский

Nikita Rudenko@divernix·20 Eki

В бортовом журнале Аэрофлота за октябрь-ноябрь рекламируют TOR Browser. Хм-м-м..

Русский

Gam4er retweetet

kl_secservices@kl_secservices·16 Eki

Most used #MITRE ATT&CK techniques and more operational security stats in our #threathunting report github.com/klsecservices/…

English

Gam4er@Gam4enko·29 Tem

@LasVegasLocally Seems like a part of the Boring Company advertising campaign: 1) Run a lot of nasty insects to LV 2) Give couple flamethrower to good guys 3) Make a good fire show 4) Increase capitalization of the Boring Company five times как тебе такое @elonmusk ?

GIF

English

Las Vegas Locally 🌴@LasVegasLocally·26 Tem

This is... interesting 😨

Paradise, NV 🇺🇸 English

462

2.5K

6.5K

Gam4er@Gam4enko·20 Oca

@malwrhunterteam Pizdec (пиздец) that word is quite popular at all of exUSSR republics. Just because almost everything that happens in these areas is "пиздец" :) Other is quite similar like Georgian... youtu.be/DuZsfaJ46QI