Remember kids:

In December 2023, we received a report of a false positive detection on an executable signed by a valid Microsoft Hardware Publisher Certificate. However, the file looked suspicious:

🚨 I've put together my first #cheat #sheet around #maldocs , you can download a PDF version from 👇

✅ thecyberyeti.com/quick-referenc…

Covers the tools, common commands, and other information you need to know when analyzing malicious documents, such as Word, OneNote and PDF.

Windows 11 has a simple and useful sandbox feature, great for creating disposable virtual machines, where you can run and analyze binaries for vulnerability research and malware analysis. Apparently, it's still a little-known feature.

#windows #sandbox

We dug into the mystery of 'Jia Tan,' the polite, conscientious volunteer coder who inserted a surprisingly sophisticated backdoor into XZ Utils—and is most likely the persona of a state-sponsored hacking group based in an Eastern European time zone. wired.com/story/jia-tan-…

Life is short, so stop worrying about dumb shit and do whatever the fuck makes you happy.

I regularly upload content to #youtube around malware anlaysis, reverse engineering and threat hunting. Consider checking out my channel - subscribes are always appreciated! 🙏

✅ youtube.com/channel/UCI8zw…

A security backdoor was recently discovered in liblzma 5.6.0 and 5.6.1. #Wireshark 's Windows and macOS installers ship with liblzma, but not with those versions.

Binarly has released a free scanner to detect signs of the #XZbackdoor implantation xz.fail

Here is my #Friday #giveaways !

Like, retweet and share with your network... I'll randomly choose on Monday 4/1 two winners to get the full 'C5W Certified Malware Analysis' course and certification for FREE... You should not miss this! #DFIR #Malware

academy.cyber5w.com/courses/C5W-Ce…

For people asking me for guidelines for vulnerability research and exploit development, I think an initial and general path forward, based on my journey so far, could be summarized as below:

1. Choose one or more topics that you really like.
2. Obtain and read all available…

GIVEAWAY ALERT!
we are giving away our latest course 'Win32 Shellcoding' for 5 people who like and retweet this tweet.
winners will be picked on wednesday this week.

udemy.com/course/win32-s…

#infosec #malware #shellcoding #redteam

Check out the recorded Off By One Security stream with Duncan Ogilvie 🍍 !! The slides and files used for debugging are available in the video description. Thanks again for joining as a guest, Duncan!

youtube.com/watch?v=AKcADa…

Threat actors actively leverage COM object hijacking for persistence and privilege escalation. We identified the most commonly abused COM objects and CLSIDs to help you stay safe by Joseliyo:
blog.virustotal.com/2024/03/com-ob…

Check out the recording of our Beginner Malware Analysis Stream from this past Saturday, where we completely reverse engineered a malware variant from start to finish, including unpacking and static analysis. youtube.com/watch?v=2kQmx2…

Malcore will be releasing two free courses. One will be a programming course to teach people Python. The second will be a basic RE course. They will be available soon, we might even add more never know!

You can find them at courses.malcore.io

Join us this Friday at 11AM PT with Kuba Gretzky as he shares with us his latest work on Evilginx and MFA bypasses!

We will be giving away THREE free seats to Kuba's 'Evilginx Mastery' course! For those who don't win, we'll provide a 20% discount code!

youtube.com/watch?v=bomHX1…

🔥 #BinaryNinja 4.0 is now out, this includes a new FREE edition :) Definitely worth checking out, especially if you aren't a current user 👇

binary.ninja/2024/02/28/4.0…

Other updates: projects, UI overhaul, support for Windows kernel debugging, and a new Types view, to name a few

New #PEsieve / #HollowsHunter (v0.3.9): github.com/hasherezade/pe… & github.com/hasherezade/ho… - now you can search for your own signatures in memory. Details: github.com/hasherezade/pe…. Check it out!

Join me tomorrow (Friday) at 11AM PT on the Off By One Security stream with Anuj Soni for a session on reversing malware with Ghidra!

youtube.com/watch?v=cv95dd…