Today Donald J. Trump signed a Presidential Memorandum revoking any active security clearance held by Chris Krebs and his associates.
This includes SentinelOne in totality.
More information: https://www.whitehouse.gov/fact-sheets/2025/04/fact-sheet-president-donald-j-trump-addresses-risks-from-chris-krebs-and-government-censorship/
Massive update to Malware Defense collection
Chat, we are cookin'. Thanks to Malpedia for letting us get the files. They're the best.
me trying to have a rational conversation about computers with someone on twitter
Someone contacted us and said they 0day'd their school, infected every machine with a custom RAT, and displayed a MessageBox to everyone in the school at the same time. After that, the school hired him to be in charge of cybersecurity
What the fuck are you talking about
"Nothing is certain except computer viruses and cat pictures" - Benjamin Franklin
Windows 10 support ends October 14th, 2025. It is the calling of the Linux nerds.
The National Police Agency (NPA) of Japan's recent documentation of state-sponsored Threat Actors from China is interesting.
A group they believe to be a subset of APT10 abuses WSB (Windows Sandbox) by creating a .wsb configuration file and using it to spin up an instance of the Windows Sandbox.
This is interesting because Windows Defender cannot access the Windows Sandbox (image 1).
The payload enables folder sharing, network access, clipboard access, microphone access, and video access.
tl;dr abusing the sandbox, sandbox as a c2
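An added example, not part of the original post or the NPA report: a Python audit of a .wsb file for the settings the post lists (shared folders, network, clipboard, microphone, video). The sample files and the table of default values are assumptions, the latter based on Microsoft's documented Windows Sandbox defaults.

```python
import xml.etree.ElementTree as ET  # for untrusted files, prefer defusedxml

# Assumption: effective value when an element is absent or set to "Default",
# taken from Microsoft's Windows Sandbox configuration documentation.
DEFAULTS = {
    "Networking": "enable",
    "ClipboardRedirection": "enable",
    "AudioInput": "enable",
    "VideoInput": "disable",
}

def audit_wsb(xml_text):
    """Return (setting, detail) findings for one .wsb configuration."""
    root = ET.fromstring(xml_text)
    findings = []
    for name, default in DEFAULTS.items():
        raw = (root.findtext(name) or "").strip().lower() or "default"
        effective = default if raw == "default" else raw
        if effective == "enable":
            source = "default" if raw == "default" else "explicit"
            findings.append((name, f"enabled ({source})"))
    # Every mapped folder exposes a host path to the sandbox; writable is worse.
    for folder in root.iter("MappedFolder"):
        host = (folder.findtext("HostFolder") or "").strip()
        read_only = (folder.findtext("ReadOnly") or "false").strip().lower()
        mode = "read-only" if read_only == "true" else "writable"
        findings.append(("MappedFolder", f"{host} ({mode})"))
    return findings

# Constructed sample inputs (not taken from the NPA report).
SAMPLE_PERMISSIVE = r"""<Configuration>
  <Networking>Enable</Networking>
  <VideoInput>Enable</VideoInput>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>C:\Users\Public\Example</HostFolder>
      <ReadOnly>false</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>"""

SAMPLE_LOCKED_DOWN = """<Configuration>
  <Networking>Disable</Networking>
  <ClipboardRedirection>Disable</ClipboardRedirection>
  <AudioInput>Disable</AudioInput>
  <VideoInput>Disable</VideoInput>
</Configuration>"""

if __name__ == "__main__":
    for setting, detail in audit_wsb(SAMPLE_PERMISSIVE):
        print(f"{setting}: {detail}")
```

Settings left out of a .wsb file still count: in the permissive sample, clipboard and microphone are reported as enabled by default even though the file never mentions them.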
Congratulations to APT "Stately Taurus".
Throughout 2021 and 2022 Palo Alto was tracking their activity because they left debug symbols in their DLLs.
They've since learned to remove the debug symbols. Good job, buddy. It took a few years, but you're getting better!
vx-underground
Congratulations to APT "Stately Taurus". Throughout 2021 and 2022 Palo Alto was tracking their activity because they left debug symbols in their DLLs. They've since learned to remove the debug symbols. Good job, buddy. It took a few years, but you're getting…
Still not as oopsie-doopsie as when the Indian military left the PDB data present which displayed the developer's first name and last name, but making the path "hack" is pretty oopsie too.
A visual representation of cybersecurity
Due to insanely high demand, we will be working on a kitty cat picture repack. The repack will have non-cat images removed. We will also increase the number of kitty cat pictures present.
Special thanks to DiffeKey for fixing the entire thing.
vx-underground
Due to insanely high-demand, we will be working on a kitty cat picture repack. The repack will have non-cat images removed. We will also increase the number of kitty cat pictures present. Special thanks to DiffeKey for fixing the entire thing.
Oh, and based on seeds and stuff, a guesstimate is over 1 petabyte of cat pictures have been distributed. Cat pictures are x100 more popular than anything we've ever shared or produced
April 9th, EUROPOL did a press release regarding the arrest of affiliates using IcedID, SystemBC, PikaBot, Smokeloader, and Bumblebee.
EUROPOL memes the malware authors' databases for not being 'GDPR compliant' and (in some capacity) reaching out to and identifying affiliates via Telegram.
Furthermore, EUROPOL put out a warning for customers of 'Superstar' and stated they're actively doing arrests, home searches, issuing arrest warrants, doing 'knock-n-talks'.
5 unnamed individuals have been apprehended and are being 'interrogated' (quite literally the words used by EUROPOL, the connotation sounds like they're sending people to Guantanamo Bay).
They also released another mini-anime episode
¯\_(ツ)_/¯