originally taken from her: https://s3-eu-west-1.amazonaws.com/khub-media/wp-content/uploads/sites/43/2018/03/09133534/The-Slingshot-APT_report_ENG_final.pdf The-Slingshot-APT_report_ENG_final Ring0 loader This loader is compressed in module_id 0xBF000001. Actually, there might be more than one, so in case the first loader fails, there may be a second[…]
post originally taken from here: https://securelist.com/unraveling-the-lamberts-toolkit/77990/ Yesterday, our colleagues from Symantec published their analysis of Longhorn, an advanced threat actor that can be easily compared with Regin, ProjectSauron, Equation or Duqu2 in terms of its complexity.[…]
What is WannaCry ? Wanna Cry, also known as WannaCrypt, WannaCryptor, and WannaDecryptor, is a type of ransomware. Ransomware is a malicious software that will seal your device (PC, tablet or mobile), infect your files[…]
Hacker GeoHot is known for jumping around various hacking scenes. He first started off working with iOS releasing numerous Jailbreaks, then transitioned into hacking the PlayStation and now it looks like he is getting into[…]
taken from : http://newosxbook.com/src.jl?tree=listings&file=inject.c this is an amazing injction Open Source for OSX #include <dlfcn.h> #include <stdio.h> #include <unistd.h> #include <sys/types.h> #include <mach/mach.h> #include <mach/error.h> #include <errno.h> #include <stdlib.h> #include <sys/sysctl.h> #include <dlfcn.h> #include <sys/mman.h>[…]
Well I wanted to post another article about memory forensics with my favorite open source tool right now…. Volatility. Can’t say enough great things about the documentation (very well written and expansive) and the community[…]
Enlarge 171 Snatching the login credentials of a locked computer just got easier and faster, thanks to a technique that requires only $50 worth of hardware and takes less than 30 seconds to carry out.[…]
Overview Presidential elections, like many other major events and seasonal occurrences, are prime time for spammers and cyber attackers to incorporate timely and relevant lures into their operations. As we approach November in an especially sensational[…]
I usually start this column with “so and so needed something done to their PC,” but if I were to include the names of all the people who have written me about how unhappy they[…]
Simple guest to host VM escape for Parallels Desktop First post in this blog that written in english, please be patient with my awful language skills. This is a little story about exploiting guest to[…]