Alice Climent-Pommeret (@AliceCliment)'s Twitter Profile
Alice Climent-Pommeret

@AliceCliment

Malware and EDR stuff @harfanglab 🤓

ID:1059913433150377985

http://alice.climent-pommeret.red
06-11-2018 21:00:29

1,9K Tweets

2,8K Followers

268 Following

Helen (of Tor) (@h313n_0f_t0r)

It’s worth mentioning that at this time in my career, I had no women to turn to for support. I was the only woman in my classes, on my team at work, and was not very active in greater communities. All of my mentors, teammates, colleagues, etc were men, and it was the good ones…

Karsten Hahn (@struppigel)

In case someone needs it: I made a shellcode to PE converter for win32 and 64

usage:
shellcode_to_pe.py win32 C:\shellcode_file

github.com/struppigel/hed…

Binni Shah (@binitamshah)

GMER - the art of exposing Windows rootkits in kernel mode : artemonsecurity.blogspot.com/2024/04/gmer-a… credits Artem I. Baranov

EDRSandBlast : a tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections : github.com/wavestone-cdt/…

Alice Climent-Pommeret (@AliceCliment)

I just discovered Artem I. Baranov's blog and OMG?! If you're into Windows kernel/internals it's an AMAZING goldmine 😯🤯

artemonsecurity.blogspot.com

Alice Climent-Pommeret (@AliceCliment)

I'm happy to announce that I recently started a new position at HarfangLab !

You can find here my very first post about Raspberry Robin and its clever anti-Defender emulator🥳

hasherezade (@hasherezade)

Thanks to the cool contribution from Canadian Centre for Cyber Security (cyber.gc.ca/en) can be used as ETW listener. It unlocks a new potential for much more powerful detection. Stay tuned for the upcoming release... (github.com/hasherezade/ho…)

DebugPrivilege (@DebugPrivilege)

Avast discovered an in-the-wild admin-to-kernel exploit for a previously unknown zero-day vulnerability in the appid.sys AppLocker driver being leveraged by Lazarus. decoded.avast.io/janvojtesek/la…

eversinc33 🩸🗡️ (@eversinc33)

New blogpost and small tool release: Wrote a naive anti-rootkit driver that detects mapped drivers, and talk about some bypasses for those detections in part I of my new (anti-)-anti-rootkit series.

More research on rootkit evasion coming soon : )

eversinc33.com/posts/anti-ant…

Uriel Kosayev (@MalFuzzer)

🚀 Exciting news! 🔥🤟😎
Due to high demand and requests, I've slashed the price of my online malware analysis course by 50%!
Perfect for those facing financial challenges and aspiring to enter the cybersecurity world.
Enroll now for lifetime access: training.trainsec.net/malware-analys……
