
Felix
@felixw3000
Followers
2K
Following
893
Media
111
Statuses
5K
👨‍💻 Engineer, passionate about IT security 🔬 Daytime: Researcher @SophosXOps 🧪 Nighttime: write-ups on experiments @ https://t.co/JD9nTOciQE 🙋 Opinions are my own
Belgium
Joined October 2015
Today, I'm releasing Imaginary C2: a malware network behavior analysis tool to:
🅰 Capture HTTP requests towards selectively chosen domains/IPs
🅱️ Easily replay captured C&C responses/served payloads
▶️ Demo use case: simulate TrickBot servers
->
9
285
620
RT @mncoppola: New blog post "Google: Stop Burning Counterterrorism Operations". My reflection on an incident where Project Zero and TAG kn….
poppopret.org
This piece refers to an incident involving Google TAG and Project Zero dating back to 2020 and 2021. At the time, these events stirred a small public debate primarily in favor of Google’s actions. …
0
132
0
RT @aejleslie: Ransomware is a national security and public health crisis. “…the National Health Service confirms more than 1,100 operatio….
therecord.media
Health service staff have been “coordinating work across affected services, as well as with neighbouring providers and national partners to manage disruption,” stated NHS England, although it is...
0
15
0
RT @SBousseaden: Elastic Security Labs has discovered a new method for initial access and evasion in the wild, termed #GrimResource, which….
0
177
0
RT @chvancooten: Doesn't take much to trigger a Crowdstrike exec apparently. If only they had 100% coverage against getting criticized on t….
0
3
0
RT @DAlperovitch: Putin on his endgame:
“They [the West] say that they want to achieve the strategic defeat of Russia on the battlefield.….
0
695
0
RT @ServidaAndrea: ICYMI - this is a very serious issue. Whatever the good intentions might be, undermining end-to-end encryption is always….
0
41
0
RT @chompie1337: microsoft: Exploit Code Unporoven. me: i literally gave you a compiled PoC and also exploit code. m$: No exploit code is a….
0
373
0
RT @arekfurt: The PRC exploited 14,000 Fortigate devices before the vulnerability in question here was even announced. Just let that sink….
0
49
0
RT @cyber_advising: CVE-2024-4577: PHP 8.1.* before 8.1.29, 8.2.* 8.2.20, 8.3.* 8.3.8, when using Apache and PHP-CGI on Windows. allow a ma….
0
53
0
RT @SkyNews: The NHS has launched an urgent appeal for O blood-type donors following a cyber attack that has affected some of the largest h….
0
51
0
RT @JohnHultquist: Mandiant's blog on the Snowflake breaches. The bottomline is that the infostealer problem is coming to a head and defens….
cloud.google.com
A campaign targeting Snowflake customer database instances with the intent of data theft and extortion.
0
57
0
RT @Kostastsale: Check out this awesome report by Sophos on Chinese APT threat actors. There is much to learn from this technical breakdown….
0
112
0
RT @artem_i_baranov: Curious what Windows Internals tricks rootkits have leveraged throughout their history to achieve the necessary goals….
0
89
0
RT @awakecoding: The full OCR text with the temporarily visible password is available in the %LocalAppData%\CoreAIPlatform.00\UKP\{<UUID>}\….
0
117
0
RT @NathanMcNulty: @cyb3rops @peteralexbizjak @UK_Daniel_Card Interestingly, Microsoft and others have been trying to fix this for years wh….
0
6
0
RT @therealshodan: “Largest ever operation”.
4 arrests (not convicted yet). To put into perspective I have 2 arrests. Guarantee you none of….
0
4
0