Matthew Peterson
10 posts

Matthew Peterson
@PetersonMatthew
Cybersecurity Professional | Malware Researcher | Threat Hunter
San Francisco, CA. Joined March 2021
50 Following, 10 Followers
Matthew Peterson retweeted

Malware threats can use different approaches for well-known operations, such as deleting a file:
1. CreateFile( ) + SetFileInformationByHandle( ) + CloseHandle( )
2. CreateFile( ), specifying FILE_FLAG_DELETE_ON_CLOSE + CloseHandle( )
3. DeleteFile( ) -- of course
#malware

Matthew Peterson retweeted

Malwoverview 4.3 is alive! I've included support for Malware Bazaar and ThreatFox (@abuse_ch):
github.com/alexandreborge…
It also offers information from VT, HA, Malpedia, Polyswarm, URLHaus, Alien Vault, ThreatCrowd, Malshare and Valhalla.
#threathunting #malware #cyberthreats





Happy Friday #infosec community. Take some time to recharge. We all need it.
Matthew Peterson retweeted

If you like hearing about new Linux tools for malware analysis, follow @REMnux even if you're not using this toolkit.
Matthew Peterson retweeted

(good reading) A41APT case ~ Analysis of the Stealth APT Campaign Threatening Japan
jsac.jpcert.or.jp/archive/2021/p…
#apt41 #cyberthreat #malware #cybersecurity

Matthew Peterson retweeted

OWASP ASST (Automated Software Security Toolkit) - A Novel Open Source Web Security Scanner - ... bit.ly/3uLMjbD #CyberSecurity #InfoSec #TousSecNum #CyberTools

Well folks, I finally decided to create a Twitter account. Let the shit posting begin! #infosec
Matthew Peterson retweeted

Two years ago, during a very important conference, I remembered a common technique used by malware using native code to load .NET runtime and execute malicious managed code. Surprisingly, the same technique has still been used frequently.
#malware #dotnet #programming





