Leandro Velasco (@leandronvelasco)'s Twitter Profile

Malware Reversing | Software Engineering | Cooking | D&D | Magic (MTG) | Bouldering | Threat Researcher @TrellixArc

ID: 847565401546526721

30-03-2017 21:45:13

1,1K Tweet

454 Followers

477 Following

UNPACME (@unpacme)

Hey Unpackers! You might have been wondering, why the radio silence these past months… Well we have been busy 🏃‍♂️🏃‍♂️🏃‍♂️ Look for some nice new features very soon 👀 (maybe try uploading an x64 sample or two?)

Max 'Libra' Kersten (@libranalysis)

Finished my presentation at Black Hat NJ's Arsenal! Had an absolute blast presenting! DotDumper is now live, find it here: github.com/advanced-threa…

Chris Wysopal (@weldpond)

"Password expiration requirements do more harm than good, because these requirements make users select predictable passwords" Thank you Microsoft. NIST agrees. Everyone who attacks password auth agrees. Can we get compliance to update their requirements. docs.microsoft.com/en-us/microsof…

Mike Hunhoff (@mehunhoff)

🚨 Today we're excited to release Ghidrathon, a Ghidra extension that adds modern Python 3 scripting (including Python 3.10) to Ghidra! Blog 👉 mandiant.com/resources/blog… GitHub 👉 github.com/mandiant/Ghidr…

Christiaan Beek (@christiaanbeek)

Trellix Advanced Research Center: Exploiting the World With a 15-Year-Old Vulnerability #CVE-2007-4559 blog: trellix.com/en-us/about/ne… #exploit #dfir

Leandro Velasco (@leandronvelasco)

Make sure to give this local vuln scanner script a try 😉! github.com/advanced-threa… You don’t want to wake up to an “/opt” write up due to a path traversal 🤙 trellix.com/en-us/about/ne…

Pratik Mahale (@pratikmahale007)

ICYMI, threat actors on multiple underground forums are sharing around a copy of a cracked version of Brute Ratel (aka BRC4), brace for attacks. #threatintel #redteam #BRC4 #BruteRatel #cti

ESET Research (@esetresearch)

The authors of #BumbleBee released a new version of their bot, which includes a new command: “plg” (plug-in?). For now, it has the same functionality as command “dij” (download, inject). We suspect that this malware family is being modularized like #TrickBot. #ESETresearch 1/5

The Brofessor (@glacius_)

Hey :) An interesting iPhone feature helps you to monitor domains, IPs, data, etc, accessed by installed apps. Settings > Privacy & Security > App Privacy Report. Quite useful to understand what is happening on a network side when an app is used.

Trellix (@trellix)

In the latest threat report, Trellix Advanced Research Center analyzes trends in: 💰 Ransomware 🌎 Nation-State attacks 🧠 Vulnerability Intelligence 📧 Email Security And more! Dive into the full details here: bit.ly/3IkkL4N

Kostas (@kostastsale)

After many hours of work over several weeks, the 2022 year-in-review report is out. I hope everyone in the community finds it useful and use it to battle the most commonly used TAs TTPs as we observed them. All data we publish are from real intrusions by real attackers! Enjoy 👇

Trellix (@trellix)

82% of CEO fraud emails in Q4 2022 were sent using free email services, so don’t fall for a (literal) cheap trick. Instead, read Trellix Advanced Research Center’s The Threat Report: February 2023 and learn how threat actors are utilizing the service — and more. bit.ly/3IkkL4N

Max 'Libra' Kersten (@libranalysis)

Golang? Ransomware? Comparing versions? Ghidra? My most recent blog for Trellix Advanced Research Center covering the evolution of the Kuiper ransomware has it all: trellix.com/about/newsroom… 🧵1/2