Jump to content

Search the Community

Showing results for tags 'malware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

  1. Hackers taking advantage of the video conferencing apps like Zoom to infect systems with malicious routines. Security researchers from Trend Micro observed two malware samples that pose as Zoom installers but when decoded it contains malware. The malicious fake installer not distributed through official distribution channels. Fake Zoom Installers With the two malware samples, one found installing a backdoor that allows attackers to gain access remotely, another one is the Devil Shadow botnet in devices. The malicious installer resembles closer to the official ve
  2. Never-before-seen PipeMon hit one developer's build system, another's game servers. One of the world’s most prolific hacking groups recently infected several Massively Multiplayer Online game makers, a feat that made it possible for the attackers to push malware-tainted apps to one target’s users and to steal in-game currencies of a second victim’s players. Researchers from Slovakian security company ESET have tied the attacks to Winnti, a group that has been active since at least 2009 and is believed to have carried out hundreds of mostly advanced attacks.
  3. Cautand un rat pentru android am dat peste lista asta care contine 38 de programare de acest fel, numele si functionalitatile pe care le ofera si avand in vedere ca nu este pe forum sau sunt putine informatii m-am gandit ca poate ar fi folositoare cuiva. Las si linkul de pe github in caz de update-uri:https://github.com/wishihab/Android-RATList + 888 rat 1.1.1 care-mi pare cam cel mai capabil DroidJack Camera, Microphone, Location Storage SMS, CALL, Contact Whatsapp Reader Browser History App Mana
  4. DeepLocker, a novel class of highly targeted and evasive attacks powered by artificial intelligence (AI). DeepLocker was developed as a proof of concept by IBM Research in order to understand how several AI and malware techniques already being seen in the wild could be combined to create a highly evasive new breed of malware, which conceals its malicious intent until it reached a specific victim. It achieves this by using a Deep Neural Network (DNN) AI-model to hide its attack payload in benign carrier applications, while the payload will only be unlocked if—and only if —the intended targ
  5. Synopsis: Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners, however when these files are executed they will often unpack or inject a clean version of the malware code in memory. A common task for malware researchers when analyzing malware is to dump this unpacked code back from memory to disk for scanning with AV products or for analysis with static analysis tools such as IDA. Source: http://split-code.
  6. Researchers have discovered new variants of Spectre and Meltdown. The software mitigations for Spectre and Meltdown seem to block these variants, although the eventual CPU fixes will have to be expanded to account for these new attacks. via Bruce Schneier gasesc interesant si articolul The Future of Computing Depends on Making It Reversible, It’s time to embrace reversible computing, which could offer dramatic improvements in energy efficiency de Michael P. Frank , cit si un dialog postat de cititori: "I don't understand why they don't just make a separate processor f
  7. Symantec Hackers utilizing the Triton malware have managed to close down industrial operations in the Middle East, researchers have warned. On Thursday, cybersecurity researchers from FireEye's Mandiant revealed that threat actors deployed malware capable of manipulating emergency shutdown systems at a critical infrastructure firm in the Middle East. The new form of malware, dubbed Triton, is one of only a handful of malware families known to have been developed for the purpose of attacking industrial processes and core infrastructure we all rely upon for supplies
  8. We found a new cryptocurrency-mining bot spreading through Facebook Messenger, which we first observed in South Korea. We named this Digmine based on the moniker (비트코인 채굴기 bot) it was referred to in a report of recent related incidents in South Korea. We’ve also seen Digmine spreading in other regions such as Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand, and Venezuela. It’s not far-off for Digmine to reach other countries given the way it propagates. Facebook Messenger works across different platforms, but Digmine only affects Facebook Messenger’s desktop/web browse
  9. A team of security researchers has discovered a new malware evasion technique that could help malware authors defeat most of the modern antivirus solutions and forensic tools. Dubbed Process Doppelgänging, the new fileless code injection technique takes advantage of a built-in Windows function and an undocumented implementation of Windows process loader. Ensilo security researchers Tal Liberman and Eugene Kogan, who discovered the Process Doppelgänging attack, presented their findings today at Black Hat 2017 Security conference held in London. Process Doppelgänging Works on A
  10. You should be extra careful when opening files in MS Office. When the world is still dealing with the threat of 'unpatched' Microsoft Office's built-in DDE feature, researchers have uncovered a serious issue with another Office component that could allow attackers to remotely install malware on targeted computers. The vulnerability is a memory-corruption issue that resides in all versions of Microsoft Office released in the past 17 years, including Microsoft Office 365, and works against all versions of Windows operating system, including the latest Microsoft Windows 10 Creators Update
  11. Synopsis: Noriben is a Python-based script that works in conjunction with SysInternals Procmon to automatically collect, analyze, and report on run-time indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities. Link: https://github.com/Rurik/noriben
  12. Disassembler and Runtime Analysis (or how IDA Pro has some difficulties when displaying correctly the assembly of the patched run-time whilst using a Graph view) Link: http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html
  13. https://riscybusiness.wordpress.com/2017/10/07/hiding-your-process-from-sysinternals/
  14. It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsored hackers to avoid being attributed easily. Security researchers from multiple security firms, including Arbor Networks and FireEye, independently discovered a series of malware campaigns primarily targeting aerospace, defence contractors and manufacturing sectors in various countries, including
  15. Check Point’s mobile threat research team identified a new variant of an Android malware that sends fraudulent premium SMS messages and charges users’ accounts for fake services without their knowledge. According to Google Play data, the malware infected at least 50 apps and was downloaded between 1 million and 4.2 million times before the affected apps were removed. The new strain of malware is dubbed “ExpensiveWall,” after one of the apps it uses to infect devices, “Lovely Wallpaper.” ExpensiveWall is a new variant of a malware found earlier this year on Google Play. The entire malware
  16. 'Bashware' is a clever new type of malware that major antivirus programs can't detect. Microsoft surprised the technology world last year when it announced that users will be able to run native Linux applications in Windows 10 without virtualization. While this feature is meant to help developers, researchers believe it could be abused by attackers to hide malware from security products. Researchers from security firm Check Point Software Technologies developed a technique that uses Bash, the Linux command-line interface—or shell—that's now available in Windows, to make known
  17. Hey Crackers!!! I discovered an IoT based device on 84.241.* which I think it's some kind of smart camera, If you have any malware or exploit to attack corresponding host please don't hesitate to share with me. If there's a better discovery technique please let me know. Share your experience of the same IoT based platforms. Your LOVE H3$!z
  18. Acest challenge contine malware real. Rulati doar in masini virtuale(virtualbox, vmware, etc) izolate, fara access la retea. p.s. Programele de tip sandbox nu prezinta siguranta - testat Download: h t t p : / / g e . t t / 7 T V l L m i 2 Parola: dezarhivez un malware Challenge realizat in colaborare cu @Gecko Au rezolvat challenge-ul: @sclipici
  19. Salut, Vand coduri de activare pentru 2 dintre cele mai cunoscute produse de securitate, suita: mobile protection + antivirus pc 10$ paypal sau doar antivirus 5$. Cine este interesat ma poate contacta prin pm.
  20. OPERATIUNEA OLYMPIC GAMES Programatorii de la Agenția Națională de Securitate și armata israeliană au creat o serie de virusi pentru a ataca computerele care controlează centrul de îmbogățire nucleară a Iranului la Natanz. Atacurile au fost repetate in mai mulți ani, și de fiecare dată programele au fost imbunatatite , pentru a le face dificil de detectat. Una dintre variante a scăpat din Natanz și a devenit publica. Un articol din New York Times aparut in iunie 2012 a prezentat in detaliu actiunile de atac cibernetic 2006 – odata cu reinceperea programului de imbogatire a ura
  21. Security researchers from Trend micro recently discovered a new JavaScript-based malware that infects your mobile devices and also attacks your home router by altering its DNS (Domain Name System) settings. This new threat was named as JS_JITON and was first noticed in end of December 2015, continuing to infect devices up until this day, hitting its peak in February 2016, with over 1,500 infections per day. Researchers say that the malware spreads it’s infection chain in a very simple way. Attackers place their code in some websites and wait for users to visit
  22. Windows Malware Analysis Essentials Master the fundamentals of malware analysis for the Windows platform and enhance your anti-malware skill set Author: Victor Marak Read: https://www.scribd.com/doc/283049338/Windows-Malware-Analysis-Essentials Download: https://www.sendspace.com/file/rbwzjv
  23. ome non typical malware which doesn't have any attention from "security experts" and other internet clowns. Maybe because of this it is not well detected on VT. The key features of it, making it non typical: 1) This malware lives in registry value. 2) Non typical dropper self-deletion method, nothing zero day though. 3) Malware startup location protection in a backdoor Sirefef way. 4) It downloads, installs and uses Windows KB968930 (MS PowerShell). More details below 1) This malware stored under key HKCU\Software\Microsoft\Windows\CurrentVersion\Run and it autostart location is invisible to r
  24. The Windows API for Hackers and Reverse Engineers The Windows API is one of the “must know” areas for most reverse engineers and exploit writers. It’s an area than the more I use the APIs the more that I find myself looking up speific APIs and wishing that I would have known what I know now about these sometimes vague and/or mysterious functions. Why should someone who’s in the INFOSEC community care about these APIs? Well to put it shortly, they can make your life considerably easier. If you do incident response, are just getting starting writing exploits, or anything related, then you’ve lik
×
×
  • Create New...