Twitter | Search | |
Search Refresh
Ross Morley 17 Apr 16
Reply Retweet Like
CERT Polska 30 Jan 17
Detailed analysis of , one of the most obfuscated .s around
Reply Retweet Like
Bank Security Apr 5
Reply Retweet Like
that_malware_guy Oct 19
hosted on IP > 47.52.246.153
Reply Retweet Like
d00rt 23 Apr 18
A simple script for making easier the analysis of using IDA Pro
Reply Retweet Like
Hybrid Analysis 26 May 17
[Attention] Here is (banker trojan) using unused windows KBs as the payload name:
Reply Retweet Like
Marcelo Rivero 5 Apr 17
with 2-for-1 malware delivery: + - Now seems to add a new player to the combo: 3-for-1 + +
Reply Retweet Like
CERT Polska Jun 1
Sometimes a simple dropper becomes more powerful than the others. Here is our analysis of dropping since 2016 (currently and ).
Reply Retweet Like
_Veronica_ 2 Dec 16
Not the same IP addresses. Clever tricks by .
Reply Retweet Like
Trend Micro ANZ Apr 18
Using our managed detection and response monitoring we uncovered an malware that distributes and can lead to ransomware. Learn more here:
Reply Retweet Like
Johannes Bader Apr 29
I just published a blog post on a new word-list-based domain generation algorithm of the Nymaim malware: . The algorithm has already been included in the DGArchive . .
Reply Retweet Like
coldshell Jan 18
I've released on GitHub an old PoC to deobfuscate samples. PoC: (cc: )
Reply Retweet Like
Cyber Moist Ointment 15 Mar 16
Seeing these "targeted" today. Are these being sent to the company names in the attachment?
Reply Retweet Like
Racco42 Dec 9
@ hxxps://globalbooking.tk/page408.php
Reply Retweet Like
Brad Nov 8
2018-11-08 - Three recent infections from pushing (or Gozi/ISFB) - saw as the follow-up malware (saw on 2018-11-05 - Email example, 3 files of infection traffic, and associated at
Reply Retweet Like
Brad 29 Aug 16
Reply Retweet Like
Limor Kessem, CISO 14 Apr 16
- A Double Headed Beast Stealing Millions from US Banks: |
Reply Retweet Like
Racco42 Feb 17
Malspam "<something> faktura nr NNN/02/SNDEnk/2019 NNN" hxxps://streetfood2you.com/show208.php UA: Windows geolocked to PL?, will probably drop
Reply Retweet Like
\_(ʘ_ʘ)_/ Nov 28
Replying to @Mesiagh
Yep, i saw some of them.. pw:1234
Reply Retweet Like
Artsiom Holub Jul 26
Reply Retweet Like