lc4m
@luc4m
(っ◔◡◔)っ @[email protected]
ID:468672899
19-01-2012 19:53:06
#ransomware found in a zip file that I have no idea where I got it.
see samples:
57ed772081790cd3c0993b754c9241660c640d52a3d2be86fc6e9981c7b577f1
8bb509402f8f41b53d83b77979a9f09085b8766021ee1918b1b8e86efc126cc4
2594c63e40c0f752386b7a066f1aa86a36568d40cffc7ab67a268f5e7b706167
Did you hear that?
Akamai researcher Ben Barnea has discovered two vulnerabilities within Windows.
Leveraging the infamous custom reminder sound feature, these can be chained together to achieve full 0-click RCE against Outlook.
Full write-up:
akamai.com/blog/security-…
Mentioned sample by JAMESWT and found by Artilllerie ☣ is #Zegost #malware #spyware as fake AnyDesk
✅Searches for sec-apps while performing system reconnaissance
✅Highly modular
✅Remote Command Execution
✅Keylogging
🔥c2 8.218.159.17
#CyberSecurity
x.com/Artilllerie/st…
I don't care what the haters say; I managed to create some good detections and hunts for the activity reported by BlackBerry Cybersecurity. See the Sigma detection rule below. This is just one of many:
My upcoming CTI workshop: 'Keep Your Enemies Closer: How to Profile and Track Threat Actors' at #BSidesLondon2023 is live! pretalx.com/bsides-london-…
lc4m Brad Michael Koczwara Soufiane The DFIR Report abuse.ch Igal Lytzki🇮🇱 CERT-Bund Overlapping hostnames/machineIDs is a curious one for infrastructure analysts. I believe these types of overlaps are mostly due to some reseller that rents from multiple VPS providers.
Here’s some other hostnames to help with any future investigations: gist.github.com/BushidoUK/00cd…
New research out! Investigation on #LockBit affiliate infrastructure led to the discovery of a >100 server for exfiltration.. and wider criminal connections.
cc Brad Michael Koczwara Soufiane The DFIR Report abuse.ch Igal Lytzki🇮🇱 CERT-Bund
medium.com/@lcam/lighting…