InstaCyber
Reveals APTs with one easy application! | Artificial amateurs, aren't at all amazing // Analytically, I assault, animate things
2,249 Tweets | 233 Following | 1,125 Followers
Tweets
InstaCyber Apr 18
Replying to @juanandres_gs
Hello darkness my old friend..
InstaCyber Apr 18
This whole thread is meaningless if 2.0 pronounced it “GOOSE-ifer” :P They weren’t the most observant bunch to start with after all.. (Btw +1 for Goochi-fer)
InstaCyber Apr 18
I’ll ❤️ this post but only because twitter has no UI toggle for “technically correct I guess, but also just to make you feel better”
InstaCyber Apr 17
Replying to @thegrugq
The key is: if they ask three times, you HAVE to answer. Maybe Austin Powers was a training requirement?
InstaCyber Apr 15
Replying to @juanandres_gs
Or multiple development teams in multiple organisations in multiple countries supporting multiple operator teams running multiple operations... I'm a big fan of clustering but it feels a little intangible as a term. I guess it's Clusters All The Way Down :)
InstaCyber Apr 15
This is an interesting piece of research on later samples of and : Not sure I agree on the coining of the term "Supra Threat Actor" though; it appears to be just describing a malware framework.
InstaCyber Mar 12
Replying to @timberners_lee
However, I choose to stay positive and thank for his amazing contribution. Despite all the malware, social manipulation, and community hostility I see online daily in my job, I'm still here trying to chip away at the bad actors - I hope you are all joining in too
InstaCyber Mar 12
Replying to @instacyber
On the flip side, people were worrying about the same thing in 1995:
InstaCyber Mar 12
In an open letter¹ written on the anniversary of , said "it’s understandable that many people feel afraid and unsure if the web is really a force for good". Sad to say my optimism of 25 years ago is also somewhat tainted :( __ ¹
InstaCyber Mar 11
Deobfuscating PowerShell can be a bit of a pain. The best option is to build automated frameworks to do so, but first you should understand how obfuscation works. This article is a great walkthrough.
InstaCyber Mar 7
Real power user tip for : The icon file to apply to your .bat link file is stored in the support folder of the distribution. NOW you can reverse engineer malware like a PRO
InstaCyber Mar 6
I never thought I'd still be fielding customer intel questions regarding Jenxcus malware in 2019, but here we are ¯\_(ツ)_/¯
InstaCyber Mar 6
All I'm saying is, if NSA don't in-line infect copies of that are downloaded by /certain/ state-aligned adversaries, they are missing a trick. We know several of them love a bargain, will use any old software, and have no idea how to verify/compile source ;)
InstaCyber Mar 6
Replying to @malwaremagpie
1 year? Weaksauce ;)
InstaCyber Mar 4
Replying to @DrunkBinary
Looks like an FP.
InstaCyber retweeted
Huntress Labs Mar 3
Researcher uncovers 300+ backdoored programs & a ring of malicious github accounts/repos used to establish false credibility. Each provided a persistent : - Scheduled tasks on Windows - Launch agents on macOS - Autostart & systemd on Linux
InstaCyber retweeted
Melissa Mar 3
NEW BLOG POST: Extracting files from ACE files in regards to CVE-2018-20250 using by
InstaCyber retweeted
Chris Dietrich Feb 28
Possibly fraudulent websites mimicking , a charity event to raise money for Venezuela. h/t to my student
InstaCyber Feb 26
Replying to @stvemillertime
Of course, this rule only works for attackers that, by definition, give > 1 fuck ;)
InstaCyber Feb 25
Replying to @RidT
Ah, got you :) My sense is that for large scale attacks they would take a pragmatic view and start categorising as a single incident; metrics for those incidents are going to be hard to quantify vs those reported directly.