#crypter — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #crypter, aggregated by home.social.
-
Pourquoi il faut chiffrer (et pas crypter) ses disques durs, nouvel épisode. Parce que vous n'êtes à l'abri d'un geek peu scrupuleux qui pourrait profiter de votre abandon de matériel... L'exemple en article (sans #IA) et en image.
https://blog.genma.fr/?Pourquoi-il-faut-chiffrer-ses-disques-durs-nouvel-episode #Chiffrer #Crypter #Luks #Bitlocker
-
A Full Analysis of the Pure #malware_removal Family: Unique and Growing Threat
The folks at ANY.RUN have posted an analysis of the PURE of the #crypter and multifunctional #stealer malware. While advertised as educational software, Malware Bazaar's database has too many listings to support this claim. Check out https://bazaar.abuse.ch/browse.php?search=tag%3ApureCrypter
PURE is purchased via a website and telegram bots often involving Bitcoin. PureCrypter's behavior flow is typical of loader or staged loader malware. They also examine PureLogs and PureMiner. All family members exhibit malicious code behaviors.
Kudos to the ANY.RUN folks for presenting a deeply technical analysis in an excellent narrative.
-
"🔐 GuLoader's New Identity: The Protector 🎭"
GuLoader is now being sold under the name "The Protector" on the same platform as Remcos. It's advertised as a crypter that makes its payload fully undetectable by antiviruses (FUD). 🕵️♂️🔒
🔗 Source: Check Point Research
🏷️ Tags: #GuLoader #TheProtector #FUD #Crypter #CyberSecurity
-
"🔐 GuLoader's New Identity: The Protector 🎭"
GuLoader is now being sold under the name "The Protector" on the same platform as Remcos. It's advertised as a crypter that makes its payload fully undetectable by antiviruses (FUD). 🕵️♂️🔒
🔗 Source: Check Point Research
🏷️ Tags: #GuLoader #TheProtector #FUD #Crypter #CyberSecurity
-
"🔐 GuLoader's New Identity: The Protector 🎭"
GuLoader is now being sold under the name "The Protector" on the same platform as Remcos. It's advertised as a crypter that makes its payload fully undetectable by antiviruses (FUD). 🕵️♂️🔒
🔗 Source: Check Point Research
🏷️ Tags: #GuLoader #TheProtector #FUD #Crypter #CyberSecurity
-
"🔐 GuLoader's New Identity: The Protector 🎭"
GuLoader is now being sold under the name "The Protector" on the same platform as Remcos. It's advertised as a crypter that makes its payload fully undetectable by antiviruses (FUD). 🕵️♂️🔒
🔗 Source: Check Point Research
🏷️ Tags: #GuLoader #TheProtector #FUD #Crypter #CyberSecurity
-
"🔐 GuLoader's New Identity: The Protector 🎭"
GuLoader is now being sold under the name "The Protector" on the same platform as Remcos. It's advertised as a crypter that makes its payload fully undetectable by antiviruses (FUD). 🕵️♂️🔒
🔗 Source: Check Point Research
🏷️ Tags: #GuLoader #TheProtector #FUD #Crypter #CyberSecurity
-
@textoo
En fait "digital" en franglais moche est aussi énervant que #crypter car ce mot n'existe pas en anglais non plus et techniquement il est impossible de crypter.
Sinon ça signifierait mettre dans une crypte ?En francais on dit #chiffrer ou #encrypter si on aime les jolis anglicismes.
Décrypter existe a la limite : le fait de réussir à comprendre un message caché sans en avoir la clé.
Crypter voudrait dire : cacher un message sans connaître la clé qui permet de le brouiller.
Non-sens
-
Last week's reporting gave a great insight into the level of innovation going on in the cyber crime ecosystem - C2 over MQTT, cryters delivering payloads over SQL connections, and UEFI bootkits that bypass Window's Secure Boot! We've pulled it all together, just for you:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
The BlackLotus #Bootkit has been upgraded to exploit a vulnerability in Microsoft's Secure Boot Mechanism, allowing it to persist on fully patched Windows 11 systems. This is enabled in no small part by the failure to update the UEFI revocation list, which allowed the bootkit author to simply load and exploit the vulnerable UEFI components on target systems.
Australia's cyber security laws were "bloody useless" in helping mitigate the Optus and Medibank breaches of 2022, according to the government's Home Affairs Minister. A new "national cyber office", reforms to Critical Infrastructure security laws, and a new Cyber Security Act are all on the table for discussion.
zScaler analysts have picked up on the Snip3 crypter, a Crypter-as-a-Sevice offering which uses multiple obfuscated stages; an AMSI Bypass, and SQL queries to circumvent security controls.
Sysdig share insights from a sophisticated #AWS-centric campaign; ESET have uncovered a new backdoor used by China's Mustang Panda (#APT27) which implements C2 over MQTT, and Team Cymru have again picked apart #IcedID's infrastructure to identify key TTPs.
Some interesting supply chain vulnerabilities this week, with bugs found in the ZK web app framework and Trusted Platform Module (TPM) having the potential to affect an untold number of applications and devices.
#Redteam members will get a kick out of DroppedConnection - a PoC that mimics Cisco AnyConnect VPN to siphon credentials and serve up malware to unwitting victims.
The #blueteam can look forward to some tips for GCP DFIR, bypassing malware geo-fencing, and tracking cyber criminal infrastructure.
Catch all this and much more in this week's newsletter:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
#infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #criticalinfrastructure #breach #privacy #Australia #crypter
-
Last week's reporting gave a great insight into the level of innovation going on in the cyber crime ecosystem - C2 over MQTT, cryters delivering payloads over SQL connections, and UEFI bootkits that bypass Window's Secure Boot! We've pulled it all together, just for you:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
The BlackLotus #Bootkit has been upgraded to exploit a vulnerability in Microsoft's Secure Boot Mechanism, allowing it to persist on fully patched Windows 11 systems. This is enabled in no small part by the failure to update the UEFI revocation list, which allowed the bootkit author to simply load and exploit the vulnerable UEFI components on target systems.
Australia's cyber security laws were "bloody useless" in helping mitigate the Optus and Medibank breaches of 2022, according to the government's Home Affairs Minister. A new "national cyber office", reforms to Critical Infrastructure security laws, and a new Cyber Security Act are all on the table for discussion.
zScaler analysts have picked up on the Snip3 crypter, a Crypter-as-a-Sevice offering which uses multiple obfuscated stages; an AMSI Bypass, and SQL queries to circumvent security controls.
Sysdig share insights from a sophisticated #AWS-centric campaign; ESET have uncovered a new backdoor used by China's Mustang Panda (#APT27) which implements C2 over MQTT, and Team Cymru have again picked apart #IcedID's infrastructure to identify key TTPs.
Some interesting supply chain vulnerabilities this week, with bugs found in the ZK web app framework and Trusted Platform Module (TPM) having the potential to affect an untold number of applications and devices.
#Redteam members will get a kick out of DroppedConnection - a PoC that mimics Cisco AnyConnect VPN to siphon credentials and serve up malware to unwitting victims.
The #blueteam can look forward to some tips for GCP DFIR, bypassing malware geo-fencing, and tracking cyber criminal infrastructure.
Catch all this and much more in this week's newsletter:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
#infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #criticalinfrastructure #breach #privacy #Australia #crypter
-
Last week's reporting gave a great insight into the level of innovation going on in the cyber crime ecosystem - C2 over MQTT, cryters delivering payloads over SQL connections, and UEFI bootkits that bypass Window's Secure Boot! We've pulled it all together, just for you:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
The BlackLotus #Bootkit has been upgraded to exploit a vulnerability in Microsoft's Secure Boot Mechanism, allowing it to persist on fully patched Windows 11 systems. This is enabled in no small part by the failure to update the UEFI revocation list, which allowed the bootkit author to simply load and exploit the vulnerable UEFI components on target systems.
Australia's cyber security laws were "bloody useless" in helping mitigate the Optus and Medibank breaches of 2022, according to the government's Home Affairs Minister. A new "national cyber office", reforms to Critical Infrastructure security laws, and a new Cyber Security Act are all on the table for discussion.
zScaler analysts have picked up on the Snip3 crypter, a Crypter-as-a-Sevice offering which uses multiple obfuscated stages; an AMSI Bypass, and SQL queries to circumvent security controls.
Sysdig share insights from a sophisticated #AWS-centric campaign; ESET have uncovered a new backdoor used by China's Mustang Panda (#APT27) which implements C2 over MQTT, and Team Cymru have again picked apart #IcedID's infrastructure to identify key TTPs.
Some interesting supply chain vulnerabilities this week, with bugs found in the ZK web app framework and Trusted Platform Module (TPM) having the potential to affect an untold number of applications and devices.
#Redteam members will get a kick out of DroppedConnection - a PoC that mimics Cisco AnyConnect VPN to siphon credentials and serve up malware to unwitting victims.
The #blueteam can look forward to some tips for GCP DFIR, bypassing malware geo-fencing, and tracking cyber criminal infrastructure.
Catch all this and much more in this week's newsletter:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
#infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #criticalinfrastructure #breach #privacy #Australia #crypter
-
Last week's reporting gave a great insight into the level of innovation going on in the cyber crime ecosystem - C2 over MQTT, cryters delivering payloads over SQL connections, and UEFI bootkits that bypass Window's Secure Boot! We've pulled it all together, just for you:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
The BlackLotus #Bootkit has been upgraded to exploit a vulnerability in Microsoft's Secure Boot Mechanism, allowing it to persist on fully patched Windows 11 systems. This is enabled in no small part by the failure to update the UEFI revocation list, which allowed the bootkit author to simply load and exploit the vulnerable UEFI components on target systems.
Australia's cyber security laws were "bloody useless" in helping mitigate the Optus and Medibank breaches of 2022, according to the government's Home Affairs Minister. A new "national cyber office", reforms to Critical Infrastructure security laws, and a new Cyber Security Act are all on the table for discussion.
zScaler analysts have picked up on the Snip3 crypter, a Crypter-as-a-Sevice offering which uses multiple obfuscated stages; an AMSI Bypass, and SQL queries to circumvent security controls.
Sysdig share insights from a sophisticated #AWS-centric campaign; ESET have uncovered a new backdoor used by China's Mustang Panda (#APT27) which implements C2 over MQTT, and Team Cymru have again picked apart #IcedID's infrastructure to identify key TTPs.
Some interesting supply chain vulnerabilities this week, with bugs found in the ZK web app framework and Trusted Platform Module (TPM) having the potential to affect an untold number of applications and devices.
#Redteam members will get a kick out of DroppedConnection - a PoC that mimics Cisco AnyConnect VPN to siphon credentials and serve up malware to unwitting victims.
The #blueteam can look forward to some tips for GCP DFIR, bypassing malware geo-fencing, and tracking cyber criminal infrastructure.
Catch all this and much more in this week's newsletter:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
#infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #criticalinfrastructure #breach #privacy #Australia #crypter
-
Last week's reporting gave a great insight into the level of innovation going on in the cyber crime ecosystem - C2 over MQTT, cryters delivering payloads over SQL connections, and UEFI bootkits that bypass Window's Secure Boot! We've pulled it all together, just for you:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
The BlackLotus #Bootkit has been upgraded to exploit a vulnerability in Microsoft's Secure Boot Mechanism, allowing it to persist on fully patched Windows 11 systems. This is enabled in no small part by the failure to update the UEFI revocation list, which allowed the bootkit author to simply load and exploit the vulnerable UEFI components on target systems.
Australia's cyber security laws were "bloody useless" in helping mitigate the Optus and Medibank breaches of 2022, according to the government's Home Affairs Minister. A new "national cyber office", reforms to Critical Infrastructure security laws, and a new Cyber Security Act are all on the table for discussion.
zScaler analysts have picked up on the Snip3 crypter, a Crypter-as-a-Sevice offering which uses multiple obfuscated stages; an AMSI Bypass, and SQL queries to circumvent security controls.
Sysdig share insights from a sophisticated #AWS-centric campaign; ESET have uncovered a new backdoor used by China's Mustang Panda (#APT27) which implements C2 over MQTT, and Team Cymru have again picked apart #IcedID's infrastructure to identify key TTPs.
Some interesting supply chain vulnerabilities this week, with bugs found in the ZK web app framework and Trusted Platform Module (TPM) having the potential to affect an untold number of applications and devices.
#Redteam members will get a kick out of DroppedConnection - a PoC that mimics Cisco AnyConnect VPN to siphon credentials and serve up malware to unwitting victims.
The #blueteam can look forward to some tips for GCP DFIR, bypassing malware geo-fencing, and tracking cyber criminal infrastructure.
Catch all this and much more in this week's newsletter:
https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-3fd
#infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #criticalinfrastructure #breach #privacy #Australia #crypter
-
Cinq siècles après, la lettre cryptée de Charles Quint enfin déchiffrée.
Le déchiffrement d’une lettre écrite en 1547 par Charles Quint à son ambassadeur en France, apporte un nouvel éclairage des relations entre le royaume dirigé alors par François Ier, et le Saint Empire Romain Germanique.
Une suite de symboles « inintelligibles » qui s’éclaire cinq siècles plus tard..#crypter https://lsdm.live/modules/news/article.php?storyid=3373
