#amsi — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #amsi, aggregated by home.social.
-
A mathematics event like no other, and even better, it's taking place DownUnder 20-24th July! Students, early, mid, and senior career researchers are all welcome!
What can the histories of mathematics from all societies worldwide tell us about mathematics we may need to tackle 21st century global problems? Your contribution will be welcomed and valued. Register before 5th June to secure your place, as numbers are limited due to venue constraints, at
https://maths.anu.edu.au/news-events/events/global-mathematics-histories-and-futures
This workshop is a first for Australian mathematics, and aligns with similar international initiatives, with an exciting program of Keynote and Guest Lectures, moderated roundtable discussion/ brainstorming sessions, contributed talks and posters. We aim to bring together cross-cultural, historical, and frontier mathematical knowledge.
The organisers thank the generosity of our sponsors #ANU-MSI #AustMS #AMSI #SMRI .
#mathematics -
A mathematics event like no other, and even better, it's taking place DownUnder 20-24th July! Students, early, mid, and senior career researchers are all welcome!
What can the histories of mathematics from all societies worldwide tell us about mathematics we may need to tackle 21st century global problems? Your contribution will be welcomed and valued. Register before 5th June to secure your place, as numbers are limited due to venue constraints, at
https://maths.anu.edu.au/news-events/events/global-mathematics-histories-and-futures
This workshop is a first for Australian mathematics, and aligns with similar international initiatives, with an exciting program of Keynote and Guest Lectures, moderated roundtable discussion/ brainstorming sessions, contributed talks and posters. We aim to bring together cross-cultural, historical, and frontier mathematical knowledge.
The organisers thank the generosity of our sponsors #ANU-MSI #AustMS #AMSI #SMRI .
#mathematics -
A mathematics event like no other, and even better, it's taking place DownUnder 20-24th July! Students, early, mid, and senior career researchers are all welcome!
What can the histories of mathematics from all societies worldwide tell us about mathematics we may need to tackle 21st century global problems? Your contribution will be welcomed and valued. Register before 5th June to secure your place, as numbers are limited due to venue constraints, at
https://maths.anu.edu.au/news-events/events/global-mathematics-histories-and-futures
This workshop is a first for Australian mathematics, and aligns with similar international initiatives, with an exciting program of Keynote and Guest Lectures, moderated roundtable discussion/ brainstorming sessions, contributed talks and posters. We aim to bring together cross-cultural, historical, and frontier mathematical knowledge.
The organisers thank the generosity of our sponsors #ANU-MSI #AustMS #AMSI #SMRI .
#mathematics -
A mathematics event like no other, and even better, it's taking place DownUnder 20-24th July! Students, early, mid, and senior career researchers are all welcome!
What can the histories of mathematics from all societies worldwide tell us about mathematics we may need to tackle 21st century global problems? Your contribution will be welcomed and valued. Register before 5th June to secure your place, as numbers are limited due to venue constraints, at
https://maths.anu.edu.au/news-events/events/global-mathematics-histories-and-futures
This workshop is a first for Australian mathematics, and aligns with similar international initiatives, with an exciting program of Keynote and Guest Lectures, moderated roundtable discussion/ brainstorming sessions, contributed talks and posters. We aim to bring together cross-cultural, historical, and frontier mathematical knowledge.
The organisers thank the generosity of our sponsors #ANU-MSI #AustMS #AMSI #SMRI .
#mathematics -
A mathematics event like no other, and even better, it's taking place DownUnder 20-24th July! Students, early, mid, and senior career researchers are all welcome!
What can the histories of mathematics from all societies worldwide tell us about mathematics we may need to tackle 21st century global problems? Your contribution will be welcomed and valued. Register before 5th June to secure your place, as numbers are limited due to venue constraints, at
https://maths.anu.edu.au/news-events/events/global-mathematics-histories-and-futures
This workshop is a first for Australian mathematics, and aligns with similar international initiatives, with an exciting program of Keynote and Guest Lectures, moderated roundtable discussion/ brainstorming sessions, contributed talks and posters. We aim to bring together cross-cultural, historical, and frontier mathematical knowledge.
The organisers thank the generosity of our sponsors #ANU-MSI #AustMS #AMSI #SMRI .
#mathematics -
Эволюция загрузки вредоносных файлов или как хакеры перешли из файловой системы в оперативную память
Стандартная обфускация больше не спасает от систем защиты. Сегодня битва за скрытность идет на уровне системных вызовов и манипуляций с библиотеками в реальном времени. В этой статье мы проследим динамику развития обходов: от классического патчинга AMSI до современных методов уклонения от EDR.
https://habr.com/ru/companies/hex_team/articles/995320/
#amsi #amsi_bypass #EDR #пентест #обход_защиты #вредоносное_по #Загрузка_в_память
-
https://www.europesays.com/it/215530/ Sanremo Giovani, chi si esibisce martedì 18 novembre: da Nicolò Filippucci ad Angelica Bove – Il Messaggero #amsi #AngelicaBove #DiscoClubParadiso #Entertainment #Intrattenimento #IT #Italia #Italy #LeaGavino #NicolòFilippucci #Sanremo #SanremoGiovani #Soap
-
🦠 Malware Analysis
===================🦠 Malware Analysis
Executive summary: A recently observed campaign leverages malicious
Windows shortcut files (.LNK) distributed via Discord to deliver a
multi‑functional Remote Access Trojan (RAT). The LNK triggers a hidden
PowerShell that extracts a ZIP (Moq.zip) containing a malicious DLL
and executes it through the legitimate binary odbcconf.exe, a
Living‑off‑the‑Land Binary (LOLBin), to evade detection.Technical details:
• The shortcut named Cyber security.lnk opens an embedded decoy PDF
Cyber security.pdf while running a PowerShell payload in hidden mode
(via a headless conhost.exe).
• The PowerShell creates a working path (Temp and a Nuget folder under
Public), extracts an embedded PDF and the ZIP archive, then drops
Moq.zip and a malicious DLL.
• Execution is handed to odbcconf.exe to load the DLL, enabling
process execution without spawning visible consoles.
• The RAT collects system/antivirus information, attempts AMSI
bypasses, and patches EtwEventWrite to impair Windows Event Tracing
(ETW).🔹 Attack Chain Analysis
1. Initial Access (LNK): User opens Cyber security.lnk from Discord —
triggers hidden PowerShell (MITRE: T1204.002).
2. Download/Stage: PowerShell extracts embedded PDF and Moq.zip into
Temp/Public\Nuget.
3. Execution via LOLBin: odbcconf.exe is used to load the dropped DLL
(MITRE: T1218 — System Binary Proxy Execution).
4. Persistence/Control: Malicious DLL implements RAT behaviors,
including remote commands and reconnaissance.
5. Defense Evasion: AMSI bypass and EtwEventWrite patching (Impair
Defenses) reduce telemetry and impede detection.Detection guidance:
• Monitor process trees where odbcconf.exe is launched from atypical
parents (PowerShell/conhost).
• Alert on hidden PowerShell instances extracting embedded files and
writing PDFs from LNK streams.
• Watch for API patching attempts around EtwEventWrite and AMSI
initialization failures.Mitigation:
• Restrict execution of unsigned Office/shortcut attachments from
untrusted channels.
• Apply application control to prevent odbcconf.exe from loading untrusted DLLs.
• Enable telemetry and harden AMSI where possible; monitor ETW integrity.References/Notes: Preliminary detections were reported from Israel;
campaign observed distribution via Discord and use of decoy PDFs. #LNK
#RAT #AMSI #ETW #LOLBins -
I just discovered an interesting #AMSI bypass which uses a massive amount of overlapping Unicode characters. Apparently if you append a few hundred before and after a known malicious command (such as an AMSI bypass, or "Invoke-Mimikatz"), AMSI either crashes or ignores the #PowerShell code in between the odd code blobs.
The best part is that the code doesn't even need to be obfuscated! Tested this on Windows 10/11 and Server installs with success.
Link to a gist with the bypass in the comments
-
📽️ Prof. Hugh Possingham's public lecture on how mathematics can inform policy - or not 🐠🐟 is now available on our YouTube channel
🍿 Watch now: http://youtu.be/W7LBc8eZ3Yg
#AMSI #conservation #policy #Australia #mathematics #AMSIWinterSchool #HugePossum
-
#AMSI Winter School at QUT, #Brisbane has finished! What an excellent 2 weeks that was. I learned about #fisheries #modelling, model sloppiness, and reinforcement learning, and I got to share evolutionary game theory with a bunch of enthusiastic students.
(The photo I took on the way back to the hotel)
-
Prof Hugh Possingham is giving the public lecture this evening about #mathematics and if it makes a difference to #conservation #policy
-
Today we’re diving into coding #ReinforcementLearning for our fisheries examples.
-
Liam Timms from #UniversityOfQueensland presented his winning #AMSI talk about optimising #conservation for #elephant #poaching
-
Day 2 #fisheries #modelling at #AMSI #mathematics winter school with Dr Nokuthaba Sibanda, and it’s getting real.
-
Winter school on environmental and ecological mathematics in Brisbane.
Travel #grants are available, applications close June 11. Open to all, with women, First Nations and Regional, Rural and Remote students strongly encouraged to apply
https://ws.amsi.org.au/travel-grants/#1569475075505-37e6c7b4-a301
#winterschool #amsi #mathematics #ecology #environment #brisbane #australia
-
#Microsoft pushed a new detection capability for #AMSI/Defender. Image on the left shows how executing a stored variable with IEX used to bypass AMSI and the right shows how it's now detected. IEX now appears to have a new Fully Qualified Error ID.
#Powershell #infosec #Empire🐦🔗: https://twitter.com/BCSecurity1/status/1244004404874878976