CEO at @securityjoes | Malware Eater & Incident Agnostic | ex-Ploit Writer | CVE-2017-147** CVSS v3 9.8 | Book Writer | Black Belt | Father | Here to play
(1) Open a new directory
(2) Type “cmd” in URI
(3) Execute the following command in the opened command-line window:
$> netsh wlan export profile folder=. key=clear
Check out how many clear-text Wi-Fi passwords are stored on your machine.
10x
@B_H101
@miakhalifa
What about this?
Is this resistance?
Woman being kidnapped along with her two baby boys (small baby bleeding from his head). They will sleep in Gaza today. Next to your loved freedom fighters who killed 200 of ours in 1 day. Most are civilians - elderly, children, parents. In
Hi #infosec, I noticed a group of my followers support HAMAS and their acts, commenting with smiles and laughter about babies being murdered in front of their mothers. (Please bear with me)
Started blocking them, but how many are there in our global community?
I’M CALLING 🔈
WhatsApp message: “Ido we have a ransomware incident! How soon can you come?!”
Me: <swiping up the message to ignore notification> “Smile everybody! 😁”
Life is short. Don’t let work set the pace.
Imagine you were born in 1900.
When you're 14, World War I begins and ends when you're 18 with 22 million dead.
Soon after a global pandemic, the Spanish Flu, appears, killing 50 million people. And you're alive and 20 years old.
*Malware Analysis question*
You bumped into this code:
xor ecx, ecx
mov edx, 0xabcdefff
add edx, 0x12345678
mov eax, [edx]
add eax, ecx
In the context of malware, what are you suspecting that it’s responsible for?
Talking to SysAdmin during IR:
Me: Found patient zero
Him: Huh cool, which one was it?
Me: <username>
Him: There, I deleted everything related to that user.
Nooo…🤦🏻‍♂️🤦🏻‍♂️🤦🏻‍♂️🤦🏻‍♂️
One of my CEO friends was asking me a serious question:
“Should I hire #infosec experts based on the amount of Tw followers they have?”
I honestly don’t have an answer.
Do you?
Yesterday, 10AM, first step into the mattress. 45min endurance, 10hrs of techniques in Karate, Krav Maga, Judo, JiuJitsu, BJJ and more and more. An endless day!!
Then, at 9:30PM, grand finale - 25 straight full-contact fights.
Achievement Unlocked.
#BlackBelt
1 in a million 😯
#Mimikatz command detected based on strings in CMD, but this is actually a legitimate MS #Defender Base64 payload.
For some *COOL* reason the Base64 actually reads “sekurlsa” 🤩
Fun {Incident Response} with @dark0pcodes
You like the first one, so here’s another *malware analysis RE question*
You’ve stumbled on this code snippet:
mov ecx, 0x12345678
mov edx, 0x87654321
mov eax, [edi]
add eax, ecx
rol eax, 0x7
xor eax, edx
push eax
call some_function
Can you identify the hidden pattern?
Behind every Tw profile is a person. Having 100K followers or only 20, it doesn’t change the fact that we’re alone at the end of the day. Be nice, be responsive, loosen up a little. Military distance won’t make you more attractive. The security industry is small. Stay human.
If you ain’t using AI, you’re missing out.
Lots of your work’s heavy lifting can be done faster when using AI, almost regardless of what your occupation is.
Use it!
Origin: Linkedin
Meet Eliana Bergman, a top-notch pentester with over 6y experience & military background.
But Eliana is not only herself. She’s also a German model named Zoe.
Anybody said HAMAS? I couldn’t hear well. What?
Google just released an emergency update for their browser up to version 99. That means attackers are exploiting a vulnerability in the browser right as we are reading. Have you updated already? Great.
No? Stop, update and come back.
That’s insane.
Posting about a CTO of global startup who was MURDERED by #HAMAS_is_ISIS.
Look at the reaction of Fares Walid to another person’s death, #infosec.
“I am sure he’s going to hell as you [emojis]”.
There are many like him.
@Hacker0x01 stays silent. @k8em0
Good night Israel 🇮🇱
Our children will sleep on the floor in safe rooms today. We’ll calm them down as they try to comprehend what is happening.
Lock your doors. Trust no one.
A woman contacted me today after her son was a victim to sextortion. I was (surprisingly) able to take down the user & block dozens of videos he/they uploaded to XVideos.
FYI - The attacker actually contacted the victim over WhatsApp and recorded audio threat!
TV recorded it👇🏼
@hacker_
Not trying to be offensive, but are you trying to pitch IDOR to non-technical people?
Anyone can hack, Yeah, maybe. Not from your 3 tweets about it, IMHO. It requires skills and understanding, technical experience and nights of hard work.
Give those who do it some credit.
Not much is known about the vulnerability in question, other than that it is called Type Confusion V8 and concerns a problem in the JavaScript engine. For obvious reasons, Google is not disclosing the technical details, but a deep look into the patch may yield more information.
A child born in 1985 thinks his grandparents have no idea how difficult life is, but they have survived several wars and catastrophes.
Today we have all the comforts in a new world, amid a new pandemic. But we complain because we need to wear masks.
We complain because we must stay confined to our homes where we have food, electricity, running water, wifi, even Netflix! None of that existed back in the day. But humanity survived those circumstances and never lost their joy of living.
I RATHER SPEAK UP,
I won’t take part in #infosec events where HAMAS supporters attend, take part, speak, teach, own, sponsor or get paid for.
You should do the same!
If by mistake I will, I’d confront any HAMAS supporter during those events. That’s a promise.
🛑 SHARE THE TRUTH 🛑 Suhaib Abu Amr, a 22-year-old Palestinian from East Jerusalem who worked as a bus driver at a party in Ra'im - was brutally executed by #Hamas_is_ISIS terrorists, even though they understood beyond any doubt that he was a Palestinian 🇵🇸❗️
Due to the
After 6 months of preparations and 4 fights, I won. As a referee and as a fighter, I enjoyed every second of the Israel Survival #Jiujitsu state championship. 1st place, TV interview and lots of honor. 👊🏼🥋
When you're 39, World War II begins and ends when you're 45 years old with 60 million dead. In the Holocaust, 6 million Jews die.
When you're 52, the Korean War begins.
When you're 64, the Vietnam War begins and ends when you're 75.
I see a thread coming...
So this is hilarious. I already have the Israeli CERT on @virusbay_io and I just got an email from the Iranian CERT, asking to join. Grab your popcorn people, I just sent them an invite.
Really excited to announce that @0verfl0w_ is our No.12 ninja!
He will be joining @SecurityJoes to fight side by side against nation-sponsored beasts & other creations lurking the wires.
You haven’t got a response from @virusbay_io about an invite code?
No, you’re not rejected, not pretty enough, not part of the wrong race/culture/origin or all the rest of your guesses) it’s just my wife is abroad on vacation and I’m responsible for 3 little monsters. 🙈🙊🙉
Here’s a hack for you:
WhatsApp does not allow DELETE FOR EVERYONE whenever you want. Once time passes - doomed. Right? Wrong.
Rewind your phone’s time and try again. WhatsApp calc it based on your mobile’s clock ⏰ 😎
Try it. I heard it works. 😉
I have to be honest. Promoting my own company is so much better. Started fresh and the excitement is off the roof.
New title: Making Things Tick at @SecurityJoes. 🍻
#DFIR #ThreatIntel & other recipes
When you're 29, you survive the global economic crisis that started with the collapse of the New York Stock Exchange, causing inflation, unemployment, and famine.
When you're 33 years old, the Nazis come to power.
1/5 Been writing a book for the past 3 months. After 140p I have to say it’s almost done. The book is based on a life of a simple person (yours truly) and his journey to investigating prolific malware groups in an ever growing war of attacker vs. defenders.
Meet Youssef.
Youssef is a CTO of respected company in Egypt.
Youssef is a good person.
Youssef doesn’t know the difference between HAMAS & Palestine.
Youssef is angry because he doesn’t know how to read English.
Youssef doesn’t like Israel.
Help Youssef understand that
In the upcoming days, right before @virusbay_io’s new version (Yes, API!) these {not so} little tubes will travel to 18 countries -> 29 destinations.
#Kickstarter supporters 🤘🏽🎉 Thank you!
1/2 My daughter's kindergarten is using an app to track kids activity, upload pics and contact the teacher. All in all, it's really nice. But I was still curious so I streamed the app traffic via @Burp_Suite and after 5 minutes I could enter any kindergarten
An Israeli website nagish[.]co[.]il was compromised and one of its subdomains (embedded in dozens of websites, including gov and media) became temporary water holes for Israeli residents. We are still investigating, but it's important to share the sample and protect your users.
A new #Facebook #Messenger malware is running around. Victims are getting messages coming from their friends as "video_xxxxx.bz" where 'x's are \d
Sample available on @virusbay_io:
Also added screenshot from our @kaspersky ThreatIntelPortal.
I'm truly shocked!!
I'm shocked that some Malaysian kid wasted 5 minutes of my time going through 139 pictures from 2012 that include municipal tax bills and fine payments and, among other things, a few ID cards… 19MB of a joke.
Happy holiday
@BenMittelman
@amitaiz
@talshahaf
@barzik
Last year, an unknown actor distributed phishing via @wallamail, that infected Israeli victims with a crafted @ScreenConnect implant. Same actor now returns to a 2nd round via Fb:
An APK wrapped with #RevCode WebMonitor (recently covered by @briankrebs -)
@idokius
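6:30 in the morning, when I woke up from the siren, and suddenly Hamas Telegram channels were publishing "action" pictures and videos of an outpost of soldiers who were murdered within minutes, and everything is there - visual. As if it's the Taliban in Afghanistan. And it's here - in the south - there's a festival there, I remembered, 3500 people are there! I choked up.
Since then I've been on the phone all day. Literally all day.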
Simple question:
If you were holding the rifle, would you be able to shoot?
Face to face. No combat, no intelligence, not from an airplane or tank. Not from distance or from a car drive by and shooting at a mob running for their lives.
In a room. Silently. Hearing nothing but
Reading through @virusbay_io emails is such a breeze. I’m looking at this incoming one:
“Hi VirusBay,
I’m ——-, a malware & exploit researcher from XXXXX asking for an invite code.
Regards,
——- ——
Sales Engineer at XXXXX
🤷🏻‍♂️
Have you ever seen full contact #kyokushin fight between a man and his daughter before?
Here you go. My baby. 1hr techniques & endurance test and 5 straight fights.
After, coach asked if she wants to do another one... with dad.
Underneath a face full of tears we heard: “Yes”.
A date was set for my Black Belt test. No, it’s not in Yara or reversing - the actual martial arts black belt. After 10 years of long dedication, I was finally chosen by my Master (Dan 9, Red belt) to go through the horror of a 10 hours test.
What does it include?
My daughter cried today.
There was a siren in Hod HaSharon during school hours.
She ran to the shelter, but I stayed outside.
These days we are guarding the school.
Armed volunteers.
She ran outside crying and didn't calm down until she hugged me tight.
I keep telling her "nothing can happen to me", but we all know that's not true.
There is no
Me thinking: “Now that I'm no longer with Kaspersky I lost my VT unlimited... How the hell can I get fresh samples...?”
My inner me: “Oh yeah... Now I remember... I created a social network for malware analysis. Phew...”
Go @virusbay_io 🤙🏻
Yes, @virusbay_io requires you to tell me who you are. All three letter agencies, state-sponsored APT actors and newbies with fake emails, you too. Are we done now?
I don’t usually go into illustrating APT actors, but when I do it’s probably bcz I really want to listen to my @kaspersky colleagues and my ADHD tries to win me over.