Discover and read the best of Twitter Threads about #Malware

Most recents (22)

The numbers of the #Wuhan #Coronavirus infected, recovered & died, have been updated this morning.

They are admitting an overnight increase of 15,000 new cases in 24 hrs!

It's been edging up consistently at a much lower rate.
See graphic:
gisanddata.maps.arcgis.com/apps/opsdashbo…
#Epizootic
2) The reported militarization of #Wuhan's #P4Lab has raised new questions about the origin of the #Covid19Virus & the apparent cover-up that has occurred since it was 1st made public.
#AwarenessIsPreparedness
#SurviveAll
#ZeroHedge
zerohedge.com/geopolitical/s…
3) #Japan reports their 1st #Wuhan death.

Then they let out that there are 44 sick on cruise liner offshore...

🤔They're doing the same thing off the #NewJersey coast. They've got a cruise ship, w/people infected w/the virus, docked or moored offshore. They brought 4 sick ....
Read 12 tweets
Stoked to share these free resources to expand your #infosec and technical skill set.

Each is a career path in its own right, the rabbit hole goes down as far as you follow.

Check these out and make 2020 count! 🎊

#30DaysOfThreads #BlackTechTwitter
#latinxintech
Begin your road into #pentesting with this staple book and free VM to practice hacking into 💻

Metasploit The Penetration Testers Guide : archive.org/details/Metasp… via @internetarchive

offensive-security.com/metasploit-unl…
A requirement for all in #dfir is being able to read and understand network traffic. It’s how our systems communicate!

Practical packet analysis: using Wireshark to solve real-world network problems : Sanders, Chris

archive.org/details/Practi…
Read 9 tweets
That was my week in #CyberSecurity that was.

#ICYMI here's a #weekend review of my #infosec output for the past week. (1/9)

Tuesday December 10

#Windows10 #Malware #warning

forbes.com/sites/daveywin…
That was my week in #CyberSecurity that was.

#ICYMI here's a #weekend review of my #infosec output for the past week. (2/9)

Tuesday December 10

#Xmas #toys #stranger #danger #threat

forbes.com/sites/daveywin…
That was my week in #CyberSecurity that was.

#ICYMI here's a #weekend review of my #infosec output for the past week. (3/9)

Tuesday December 10

#NHS #HealthcareIT #Opinion

digitalhealth.net/2019/12/differ…
Read 9 tweets
In the course of this past week alone I have had to clean up 3 PCs belonging to friends and relatives that were infected by #malware of various kinds: in all three cases the infection originated from a #phishing e-mail with a .ZIP file attached, which in turn contained a trojan.

(thread)
The year now drawing to a close has been one in which #phishing claimed many illustrious victims in Italy and the EU, a clear sign that both public bodies and private companies have not yet put adequate defensive strategies in place. /2

privacy.it/2019/10/26/ran…
What do these strategies consist of? To summarize, a virtuous combination of perimeter defenses (firewall, IDS, e-mail validation via SPF, etc.), adequate company procedures and, above all, training courses for employees aimed at developing best practices. /3
Read 28 tweets
Around 2000 @GovernmentGeo websites got #hacked earlier this month, but the reports suggested it was a website defacement attack. That may not be the only case, the hacker may have attempted an image-based #malware attack. Follow the thread bit.ly/2KzRKF9
On Oct 28, a @GovernmentGeo website infrastructure gets hacked. The attack was the country's largest cyber-attack (likely) and targeting multiple sectors, from the website of the president, courts, civil society organizations, and others. bit.ly/2raMwJ0
Motive? Not clear yet. But all the websites had Saakashvili’s image with a caption - “I’LL BE BACK” superimposed over a Georgian flag. This made the attack seem a website defacement attack.
Read 10 tweets
In Republican Devin Nunes opening statement, he chose to peddle the insane conspiracy theory that Ukraine helped Hillary lose the election to later then have the ability to smear Trump after he won and pin it on Russia (Say What??) #ImpeachmentHearings #ImpeachmentDay
Rep. Devin Nunes also attacked @AlexandraChalup and (as Democratic stooges) witnesses Amb. Bill Taylor and State Dept's George Kent highly respected professionals who have served numerous presidents of BOTH parties with distinction. #ImpeachmentHearings #ImpeachmentDay
I will remind everyone that while Devin Nunes was the Chairman of the Intelligence Committee of the United States in 2017 we & others alerted him 2 the fact that one of his past campaign websites was breached and infected with Russian SEO spam #ImpeachmentHearings #ImpeachmentDay
Read 15 tweets
After #cyberattack while NPCIL officials have admitted to their administrative system being breached by malware, actual damage assessment is yet to be determined. Meanwhile #cybersecurity community is concerned whether India's #thorium secrets got stolen. greatgameindia.com/did-kudankulam…
@issuemakerslab #cybersecurity experts based out of #SouthKorea who have been monitoring suspicious activity in Indian #cyberspace, have claimed that ‘the possible reason behind the #cyberattack was to obtain information about #thorium based nuclear power. greatgameindia.com/did-kudankulam…
On the morning of October 29, 2019, @GreatGameIndia was the first to report #cyberattack at #KKNPP). #NPCIL after initially claiming it to be ‘false information’ did actually admit next day that their system was indeed breached by the #malware. greatgameindia.com/kudankulam-nuc…
Read 4 tweets
The #கூடங்குளம் (Koodankulam) nuclear power plant has been hacked by a group called 'Lazarus' from North Korea.

The name of this computer virus is Dtrack (#DTRACK).

It has already been detected in Indian ATMs under the name ATMDtrack. Read on... /1
@RungRage first discovered this on September 7 and reported it to the government that same day. In view of the country's security, he posted only this much publicly.

But from other countries, @a_tweeter_user and @Mao_Ware of the #SecureList site shared it yesterday. /2
It has come to light that the #DTRACK virus sent the following information from a computer at the #கூடங்குளம் (Koodankulam) nuclear power plant to its creator:

> net use \\\\10.38.1.35\\C$ su.controller5kk /user:KKNPP\\administrator

Here #KKNPP stands for #Koodankulam Nuclear Power Plant 😧

/3
Read 17 tweets
The #IT environment of the Indian nuclear power plant (#AKW) Kudankulam was not only hacked, but also used as a command and control server.

Hopefully the #OT was not also publicly on the network!

#KRITIS sector #Energie #nuclear #nuclearsafety #Resilienz #Cyber #Security

To distinguish the two:

IT means information technology systems (#PC #Laptop #Windows #Office, #Buchhaltung...)

OT means operational systems (#ICS #SCADA #SPS #HMI #PLC #Steuertechnik...)
An appropriate state of the art (#SdT), as required in #KRITIS, was evidently not adhered to at the #AKW.

Strict separation (#Trennung) between #OT control systems and #IT is an essential security measure (#Sicherheitsmaßnahme)!

You can find further measures (#Maßnahmen) and demands (#Forderungen) here.

ag.kritis.info/politische-for…
Read 5 tweets
🌳Victory🌳

Impeachment Inquiry Is Legal, Judge Rules, Giving DEMs a Victory

Judge orders the DOJ to hand over secret GJ evidence from the Mueller inv’n to the HJC by 10/30.

The committee's need for disclosure of the materials "is greater than the need for continued secrecy.”
🌳Victory2🌳

THE GOP IS GETTING DESPERATE . . .

The silence is stunning.

No senator is saying:

📌Openly that Trump’s conduct is not impeachable.

📌The witnesses lack credibility.

📌It is perfectly appropriate for the president to use his powers to aid his campaign effort
🌳Victory3🌳

Cummings remembered as 'fierce champion' & as a “fierce champion of truth, justice & kindness”

“Like the prophet, our Elijah could call down fire from heaven.

But he also prayed & worked for healing.

He weathered storms & earthquakes but never lost his faith.”
Read 56 tweets
Let's go step-by-step and do some basic live process forensics for #Linux. Today's contestant is a bindshell backdoor waiting for a connection on Ubuntu. We saw something odd when we ran:

netstat -nalp

#DFIR #threathunting #forensics
netstat -nalp shows a process named "x7" PID with a listening port that we don't recognize. #DFIR
First thing we'll do is list out /proc/<PID> to see what is going on. Our PID is 5805:

ls -al /proc/5805

The current working directory is /tmp. The binary was in /tmp, but was deleted. A lot of exploits work out of /tmp and /dev/shm on Linux. This is a major red flag. #DFIR
Read 13 tweets
#BREAKING: Trump asked the President of Ukraine to investigate @Crowdstrike, a now publicly traded company $CRWD that 1st determined state-sponsored Russian hackers hacked the DNC. There is no server in Ukraine .. but that's beside the point #infosec
Here's our thread on @crowdstrike from 07-24-19 documenting the continued propaganda efforts coming from the Kremlin 2 smear & muddy the waters on something that has been fact 4 a number of yrs & confirmed in the Mueller report #infosec #osint #Hamilton68
This is a good breakdown of the Ukraine call with Zelensky and spells out numerous problematic sections #UkraineTranscript
Read 8 tweets
💣Treason💣

Trump Lawyers claim that any criminal inv’n of Trump is unconstitutional.🙄

Chief of the Major Economic Crimes Bureau is involved in the Mazars Subpoena, not Vance

WB Complaint Is Said to Involve Multiple Acts by Trump —Not just a phone call or single convo.
💣Treason2💣

The WBC goes beyond a commitment that Trump was said to have made to world leader(s), one such instance involves Ukraine.

Giuliani traveled to Ukraine to pressure that gov’t outside of formal diplo channels to effectively help the Trump reelection effort
💣Treason3💣

By investigating Hunter Biden about his time on the board of Burisma, a Ukrainian gas company.

8/28/19 Trump holds up Ukraine military aid meant to confront Russia

9/5/19: Trump tries to strong arm Ukraine to meddle in the 2020 election.
Read 61 tweets
⚠️ MALWARE VIA PEC ⚠️

Fake PEC message that simulates the transmission of an electronic invoice, coming from a real certified @Arubait pec.it address, with a malicious attachment. Maximum attention!
#malware #PEC #fatturaelettronica

Details ⤵️ 1/
- The sender is a real pec.it address: the message arrives without anomalies and the signature is valid;
- the subject and the body reproduce (almost) exactly those of the PEC messages from the SDI;
- the attachment is a .zip file containing a .pdf and a .vbs;
2/
- the wording “mail priva di virus - avast.com” ("virus-free mail") is present, complete with a logo loaded as remote content from the legitimate Avast site.
The PEC message is very similar to the one with which invoices are actually transmitted, apart from a few details (see photo).
3/
Read 8 tweets
THREAD: French company has created lots of fake domains pretending to be some very popular free software and is using these sites to distribute bundled adware and malware. /1 #malware #spoof #adware #opensource
Company name and information. /2
All domains lead to this ip: 185[.]46[.]229[.]39. First activity seen on March 30th. /3 #IoC #malware
Read 8 tweets
1) 1st #TwitterBot du jour. I have 2wonder if they can read the #INSTABLOCK [ ! ]
2) For those of U that may wonder why I go on about the #TwitterBots, here's one of the pieces of the story of this accounts time & the Bot assaults.
This is what they look like. This is a #BotFarm. Take $100k worth of iPhones, add more tech & a tech orchestrator (coder) & start
3) fake accounts on each one. Add various programs as time passes & release into the #TwitterSphere.
Soon after starting this account, DM's began coming thru that had a #Youtube link. Most often there was nothing else. I won't show the link as text as it could be opened & that's
Read 13 tweets
So I've been researching stalkerware for a while now, and I always had a feeling that a lot of the companies were linked in sort of clusters. Figured I'd go ahead and show one of those clusters now, and this guy "John Nguyen", though I'm pretty sure that is his actual name.
John runs "hellospy", "mobiispy", "maxxspy", "247spy", "1topspy", "spytic" & other companies that sell targeted #malware for surveillance of partners known as "stalkerware". He is not very good at covering his tracks. How bad? He has a youtube channel. youtube.com/channel/UCdxoX…
As well as his youtube channel he had quite the presence on Google+ promoting his various products.
Read 10 tweets
IDA's remote debugger is my go-to for debugging malware so that I never have to restore my VM and lose. If you're interested in trying it, I've attached some instructions on how to set it up to debug a DLL. (1/4) #malware #reverseengineering
1. Copy the remote debugger for your platform from the "dbgsrv" directory in your IDA installation directory to the debugging target and execute. -h will show you other options for configuring a password, port number etc. (2/4)
2. On the machine running IDA, select "Remote Windows Debugger" from the debugger dropdown.
3. Select Debugger -> Process Options from the menu, and fill in the parameters. Below I've included a sample configuration.
4. Select OK, and start the debugger like normal. (3/4)
Read 4 tweets
Just found an unlisted Pastebin shared by @James_inthe_box listing 124 #lokibot URLs. Pastebin.com/SyeXWqQE #osint
If you want to learn more about LokiBot, check out this write up. threatfabric.com/blogs/lokibot_… #malware
If you want to learn more about my method of finding unlisted Pastebin pages, read here. jakecreps.com/2018/10/10/osi… #osint
Read 3 tweets
I’m analysing #KevDroid samples the new #Android #malware discovered several days ago by #ESTSecurity
blog.alyac.co.kr/1587
The samples are available on @koodous_project and @virusbay_io
28c69801929f0472cef346880a295cdf4956023cd3d72a1b6e72238f5b033aca
679d6ad1dd6d1078300e24cf5dbd17efea1141b0a619ff08b6cc8ff94cfbb27e
990d278761f87274a427b348f09475f5da4f924aa80023bf8d2320d981fb3209
Read 13 tweets
ICYMI: Test Your #VPN's Anti #Phishing Protection .@planetscape .@ALT_uscis .@COPicard2017 .@IndivisibleNet #InfoSec
When #Ransomware 1st Appeared, .@FoolishIT Issued #CryptoPrevent - Is Free, Now Updated. Recommended! foolishit.com/cryptoprevent-… #InfoSec
Read 13 tweets
