■■■■■ JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 3. https://www.asset-intertech.com/resources/blog/2024/03/jtag-debug-of-windows-hyper-v-secure-kernel-with-windbg-and-exdi-part-3/ https://t.me/cKure/13594
March 5, 2024 at 08:14AM
■□□□□ Windows Triaging with Powershell — Part 1: Parsing Event Logs. https://aditya-pratap9557.medium.com/windows-triaging-with-powershell-part-1-parsing-event-logs-a6748657d150 https://t.me/cKure/13593
March 5, 2024 at 08:11AM
■■■□□ Passing arguments via rundll32.exe to function exported by DLL. https://stmxcsr.com/micro/rundll-parse-args.html https://t.me/cKure/13592
March 4, 2024 at 10:37AM
■□□□□ The NSA list of memory-safe programming languages has been updated. In no particular order, the NSA suggests these memory-safe programming languages ● Go ● Rust ● C# ● Swift ● Java ● Ruby ● Python ● Delphi/Object Pascal ● Ada https://readwrite.com/the-nsa-list-of-memory-safe-programming-languages-has-been-updated/ https://t.me/cKure/13591
March 4, 2024 at 09:23AM
■■■■□ Bypass UAC – Methods – DSAS INJECT [BLOG]. https://blog.injectexp.dev/2024/03/02/bypass-uac-methods/ https://t.me/cKure/13590
March 3, 2024 at 06:53PM
■■■□□ Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems. The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html https://t.me/cKure/13589
March 3, 2024 at 05:54PM
■■■■■ DarkWidow : a Dropper/Post Exploitation Tool targeting Windows (Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing).…
March 3, 2024 at 05:45PM
■■■■■ Practical Introduction to BLE GATT Reverse Engineering: Hacking the Domyos EL500. https://jcjc-dev.com/2023/03/19/reversing-domyos-el500-elliptical/ https://t.me/cKure/13587
March 2, 2024 at 07:58PM
■■□□□ Data-Leak: Epic Games, DJI, Shein, and Kick claimed by Mogilevich ransom gang. https://cybernews.com/news/epic-games-dji-shein-kick-claimed-by-mogilevich/ https://t.me/cKure/13586
March 2, 2024 at 04:51PM
■■■■■ Iran based Cyber-War against its adversaries avoid ongoing genocide and extermination of Muslims and Christians in Gaza and West-Bank, Palestine by the Zionist Jews of Israel and their supporters (United States When Cats Fly: Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors. https://www.mandiant.com/resources/blog/suspected-iranian-unc1549-targets-israel-middle-east https://t.me/cKure/13585
