WP

WATCH: Whistleblower Rev. Robert Schenck describes how his decades-long influence campaign, aimed specifically at Supreme Court justices, successfully and intentionally exploited the high court’s lack of meaningful ethics and transparency rules.

Demonstrating CVE-2022-37958 RCE Vuln. Reachable via any Windows application protocol that authenticates. Yes, that means RDP, SMB and many more. Please patch this one, it's serious! securityintelligence.com/posts/critical…

AI art isn’t theft? Pump some Disney and Nintendo in there. See what happens.

Kimsuky organization's APT attack sample on South Korea。 name:paypal.docx MD5:7b27586c4b332c5e87784c8d3e45a523 remote template http://k22012.c1[.]biz/paypal.dotm 历史攻击韩国报道 blog.alyac.co.kr/3228 fortinet.com/blog/threat-re… @williamlong @malwrhunterteam @ShadowChasing1

It's actually two back door and a command injection

In the photo: back doors

Reminder for all the folks using YARA or regular expressions to find byte patterns in malware or other binaries - thou shalt use single line mode \0d\0a occurs way more than you would think (?s) at the start of your regex /s at the end of your YARA regex

@stvemillertime I like this analogy because it conveniently lets me rebrand my wild analysis distractibility intermixed with ADHD hyperfocus as “interval training”

@vxunderground Then go grab a free Windows VM and use 7zip to unzip it into a directory tree for easy testing on goodware twitter.com/stvemillertime…

Huh all I get now on Twitter is steady crypto bot spam. Where did infosec decide we were all gonna move to? Discord? Back to IRC?

Microsoft now offers the ability to link Azure Active Directory accounts to personal Microsoft accounts. It will be enabled by default, so Threat Actors can compromise both your business and your home life, essentially doubling the capabilities of Threat Actors. Very cool

The activities in the report include illegal & legal attempts to steer US foreign policy by exploiting vulnerabilities in American governance, including its reliance on campaign contributions, susceptibility to powerful lobbying firms and lax enforcement of disclosure laws

BREAKING: FTX had a “backdoor” built into its accounting software by SBF, which he used to move billions without triggering alerts to other staff, auditors etc - Reuters

.@redcanary if you're going to use a vx-underground meme to convey a message in your marketing advertisement, you should 200% donate to us.

Halo's Gate is (almost) dead, Long live ShellWasp! "Weaponizing Windows Syscalls": youtube.com/watch?v=ME7IGH…

Billie wants you to vote Nov 8 You should vote.

Video games are a gateway drug to hacking, reverse engineering, and malware development

On Windows, the new "raw-dylib" feature allows crates to import symbols from a DLL without making use of an import library (a .lib file). See the RFC for details: rust-lang.github.io/rfcs/2627-raw-… 9/10

@anton_chuvakin I had to search (because clearly I repeat myself) but it seems to be from my @BlackHatEvents keynote (where I was actually quoting my own tweet¹ ) 🙄 youtu.be/ExMuk_Vdyac __ ¹ twitter.com/haroonmeer/sta…