Kafeine
Sleep is a symptom of caffeine deprivation.
Kafeine retweeted
Joseph Chen 19h
New Reconnaissance Tactics Hint At Next Targets Thanks
Kafeine Jul 11
Geofenced (even at the DNS level - resolver in PL should do it). Sent to VT.
Kafeine Jun 26
Replying to @dvk01uk
Illustrated. Conditional link to SharePoint-hosted zipped JS: JS payload:
Kafeine Jun 11
Replying to @dvk01uk @mesa_matt
Ursnif 3 (1st Stage Loader) id: 20017 version: 3.0.579 soft: 2 key: mThcuKKuHbW131Nj c2: https[://86.105.18[.236 uri: index.html
Kafeine Jun 6
Replying to @av_eip @mesa_matt
Comes from network. Illustration:
Kafeine Jun 6
Erratum! In this tweet: the sample is not generated by a custom version of ThreadKit but most likely something (that we'll call "VenomKit") sold as "Word 1day exploit builder" for 750$ USD. 8174 added on 2018-05-24 according to author. cc/thx
Kafeine Jun 2
Magnitude += CVE-2018-8174 ( dropping Magniber which is now accepting Dash payment). Post updated:
Kafeine May 31
DanaBot - A new banking Trojan surfaces Down Under:
Kafeine May 28
ThreadKit += CVE-2018-8174 for 400USD (announced by Author yesterday). See this "Cobalt Group" doc: af9ed7de1d9d9d38ee12ea2d3c62ab01a79c6f4b241c02110bac8a53ea9798b5 via
Kafeine May 25
Here we go... RIG += CVE-2018-8174 thx and Frank Ruiz.
Kafeine May 19
Replying to @xme
Hello, internal name of this loader is sLoad. Appeared May 1st. Payload is the UK focused Ramnit ( fB1oN5frGqf ). Example: 2a7c7d440bed3a90ad46450b20c4390753c9fda256d0ab100f7725a6e3bda653
Kafeine retweeted
Anton Ivanov May 8
Root cause analysis of the latest Internet Explorer zero day – CVE-2018-8174
Kafeine retweeted
Brian Laskowski Apr 27
Replying to @clamav @spamhaus
Time for a part 2 to malware clean up. After analyzing the malware injections I've put together some yara rules that you can use with to help in cleaning up your site and getting off of the CBL blacklist.
Kafeine retweeted
Brian Laskowski Apr 19
Have a webserver affected by the recent takedown of the EITest botnet, CBL blacklistings got you down in the dumps? Here's a little writeup for our recent cleanup of the leftovers of EITest on webservers.