After a few months of tracking, here is my analysis of the late 2021 #Aggah / #GorgonGroup campaign. Part 1 related to the infection chain and the campaign overview: Part 2 focusing the #AgentTesla v3 technical malware analysis:

RT @alexjplaskett: ✍️ Advanced Fuzzing With LibAFL by @domenuk

RT @kupsul: In case you weren't at #nohat2024 but still wanna nerd over RPC, authentication and what's in between, we summarized everything…

RT @thezdi: We've updated our blog on abusing file deletes to escalate privileges. We've also released PoC to demonstrate this. The exploit…

RT @Clooope1: Got my first CVE (CVE-2024-41908) during my Master's project on fuzzing. The affected product, Siemens NX, has an out-of-boun…

RT @ret2systems: A few months back we submitted two exploit chains to the first ever Pwn2Own Automotive competition. We just released a b…

RT @h0mbre_: Wrote a blogpost summarizing all of the features we've added to Lucid in the last few months: Snapshots, Code Coverage Feedbac…

RT @allthingsida: Do you know what that means? You can now play with all 3 IDA GPTs without being a paid customer: -

RT @mrexodia: Link to the paper for those interested:

RT @HexRaysSA: Take the time to read our new #PluginFocus article. In this blog post, Arnaud Gatignol (@_anyfun) and Julien Staszewski (@_0…

RT @0vercl0k: There is now a programmatic way for you to record slices of execution with TTD in your own application 🔥 Check out the LiveR…

RT @quarkslab: Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK…

RT @mrexodia: Great series of blog posts by @justuspolzin that makes Mixed Boolean-Arithmetic obfuscation very accessible:

RT @aflplusplus: The recording of our #37c3 talk "Fuzz Everything, Everywhere, All at Once - Advanced QEMU-based fuzzing" can be found here…

RT @aflplusplus: If you want to play with the injection vulnerability detection feature shown at #37c3: for AFL++ read instrumentation/READ…

RT @alexjplaskett: A very digestible presentation about fuzzing with LibAFL and QEMU. Slides: Code: https://t.…

RT @jordan9001: I turned a workshop on fuzzing with LibAFL into a blog post for you all, check it out:

RT @thalium_team: Following up on his #SSTIC talk earlier in June, Valentino found a critical RCE affecting the Steam client. Read more abo…

RT @HexRaysSA: We’ve got some cool stuff today! A #PluginFocus article by Baptiste Verstraeten from the @thalium_team. He introduces #Symle…

RT @tmpout: Check it out, it's tmp.0ut Volume 3!

RT @thalium_team: Rooting Wi-Fi routers! Julien and Marin investigated Xiaomi routers and identified a few vulnerabilities along the way,…