malware   13414

Four months after its debut, sneaky Mac malware went undetected by AV providers | Ars Technica
Does Apple give malware definitions to AV providers? New analysis suggests no.
apple  malware  undetected 
4 weeks ago by gdw
SharpPack: The Insider Threat Toolkit – MDSec
Most of our favourite tools in the red team arsenal are developed in DotNet or PowerShell and there exists numerous ways to execute these from memory when operating from your implant such as CobaltStrike’s powerpick and execute-assembly methods. In our use case, we were operating without an implant but still wanted to reap the benefits of GhostPack, Internal Monologue et al and therefore we had to get a little more creative with our tradecraft. As previously noted, we were operating in an environment with tight application whitelisting so recompiling and obfuscating our chosen tools was just not an option. We did however observe two notable opportunities to get code execution as the environment made heavy use of VBScript (thanks Tanium :)) and locally created Office Macro enabled documents.
dotnet  malware  pentest  vbscript 
4 weeks ago by whip_lash
Malware vector: become an admin on dormant, widely-used open source projects / Boing Boing
"a scary social-engineering vector for malware: A malicious person volunteers to help maintain the project, makes some small, positive contributions, gets commit access to the project, and releases a malicious patch, infecting millions of users and apps."
fail  security  malware  opensource  corydoctorow  boingboing 
4 weeks ago by WBedutech
Shadowserver Foundation
Established in 2004, The Shadowserver Foundation gathers intelligence on the darker side of the internet. We are comprised of volunteer security professionals from around the world. Our mission is to understand and help put a stop to high stakes cybercrime in the information age.
malware  reference  security  bot  internet 
4 weeks ago by chrismyth
