#obfuscated

Wulfy<p>Here is a cool, novel advanced <a href="https://infosec.exchange/tags/algorithm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>algorithm</span></a> for tracking <a href="https://infosec.exchange/tags/stealth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>stealth</span></a> and can be used for <a href="https://infosec.exchange/tags/asteroid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>asteroid</span></a> tracking, <a href="https://infosec.exchange/tags/spacejunk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spacejunk</span></a> etc.</p><p>Also, in these mosaiced screen videos, you can read the <a href="https://infosec.exchange/tags/obfuscated" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>obfuscated</span></a> text.<br><a href="https://infosec.exchange/tags/opsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opsec</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> implications </p><p>"pixel voxel motion projection"</p><p><a href="https://m.youtube.com/watch?v=zFiubdrJqqI" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">m.youtube.com/watch?v=zFiubdrJ</span><span class="invisible">qqI</span></a></p><p><a href="https://infosec.exchange/tags/algo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>algo</span></a> <a href="https://infosec.exchange/tags/compsci" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>compsci</span></a></p>
ANY.RUN<p>🚨 New <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> campaign uses <a href="https://infosec.exchange/tags/DBatLoader" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DBatLoader</span></a> to drop <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Remcos</span></a> RAT.<br>The infection relies on <a href="https://infosec.exchange/tags/UAC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UAC</span></a> bypass with mock directories, obfuscated .cmd scripts, Windows <a href="https://infosec.exchange/tags/LOLBAS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LOLBAS</span></a> techniques, and advanced persistence techniques. At the time of analysis, the samples had not yet been submitted to <a href="https://infosec.exchange/tags/VirusTotal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VirusTotal</span></a> ⚠️</p><p>🔗 Execution chain:<br><a href="https://infosec.exchange/tags/Phish" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Phish</span></a> ➡️ Archive ➡️ DBatLoader ➡️ CMD ➡️ SndVol.exe (Remcos injected) </p><p>👨‍💻 <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANYRUN</span></a> allows analysts to quickly uncover stealth techniques like LOLBAS abuse, injection, and UAC bypass, all within a single interactive analysis session. 
See analysis: <a href="https://app.any.run/tasks/c57ca499-51f5-4c50-a91f-70bc5a60b98d/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=dbatloader&amp;utm_term=150525&amp;utm_content=linktoservice" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">app.any.run/tasks/c57ca499-51f</span><span class="invisible">5-4c50-a91f-70bc5a60b98d/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=dbatloader&amp;utm_term=150525&amp;utm_content=linktoservice</span></a></p><p>🛠️ Key techniques:<br>🔹 <a href="https://infosec.exchange/tags/Obfuscated" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Obfuscated</span></a> with <a href="https://infosec.exchange/tags/BatCloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BatCloak</span></a> .cmd files are used to download and run <a href="https://infosec.exchange/tags/payload" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>payload</span></a>.<br>🔹 Remcos injects into trusted system processes (SndVol.exe, colorcpl.exe). <br>🔹 Scheduled tasks trigger a Cmwdnsyn.url file, which launches a .pif dropper to maintain persistence. <br>🔹 Esentutl.exe is abused via LOLBAS to copy cmd.exe into the alpha.pif file. <br>🔹 UAC bypass is achieved with fake directories like “C:\Windows ” (note the trailing space), exploiting how Windows handles folder names. </p><p>⚠️ This threat uses multiple layers of stealth and abuse of built-in Windows tools. Behavioral detection and attention to unusual file paths or other activity are crucial to catching it early. <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANYRUN</span></a> Sandbox provides the visibility needed to spot these techniques in real time 🚀</p>
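The path and LOLBAS indicators named in the ANY.RUN post above, written as a small detection pass over process-creation events. This is an added example, not part of the post or of ANY.RUN's tooling; the event fields (image, cmdline), the rule names and the sample events are constructed assumptions.

```python
import ntpath

# Constructed process-creation events (not taken from the linked analysis).
EVENTS = [
    {"image": r"C:\Windows\System32\svchost.exe",
     "cmdline": r"svchost.exe -k netsvcs"},
    {"image": r"C:\Windows \System32\example.exe",
     "cmdline": r'"C:\Windows \System32\example.exe"'},
    {"image": r"C:\Windows\System32\esentutl.exe",
     "cmdline": r"esentutl.exe /y C:\Windows\System32\cmd.exe /d C:\Users\Public\alpha.pif /o"},
    {"image": r"C:\Users\Public\alpha.pif",
     "cmdline": r"C:\Users\Public\alpha.pif /c example.cmd"},
]


def has_padded_dir(path):
    """True if any directory component ends with whitespace ("C:\\Windows ")."""
    parts = path.replace("/", "\\").split("\\")
    # Only directory components matter; the final element is the file name.
    return any(p and p != p.rstrip() for p in parts[:-1])


def findings(event):
    """Return the hypothetical rule names that one event matches."""
    image = event["image"]
    cmdline = event["cmdline"].lower()
    name = ntpath.basename(image).lower()
    hits = []
    # Mock trusted directory: a look-alike of a system folder with a trailing space.
    if has_padded_dir(image):
        hits.append("mock-directory")
    # esentutl.exe used as a file copier for cmd.exe with a .pif destination.
    if name == "esentutl.exe" and "cmd.exe" in cmdline and ".pif" in cmdline:
        hits.append("esentutl-copy-to-pif")
    # A .pif file running as a process image is rare on current Windows hosts.
    if name.endswith(".pif"):
        hits.append("pif-execution")
    return hits


def scan(events):
    """Return (image, rule names) for every event that matched a rule."""
    return [(e["image"], f) for e in events if (f := findings(e))]


if __name__ == "__main__":
    for image, hits in scan(EVENTS):
        print(f"{image!r}: {', '.join(hits)}")
```

Printing the image with `!r` keeps the trailing space in the directory name visible in the output, which a plain print would hide.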
Pyrzout :vm:<p>Software Hacks Unlock Cheap Spectrometer <a href="https://hackaday.com/2025/03/31/software-hacks-unlock-cheap-spectrometer/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/03/31/softwa</span><span class="invisible">re-hacks-unlock-cheap-spectrometer/</span></a> <a href="https://social.skynetcloud.site/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a> <a href="https://social.skynetcloud.site/tags/SoftwareHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareHacks</span></a> <a href="https://social.skynetcloud.site/tags/spectrometer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spectrometer</span></a> <a href="https://social.skynetcloud.site/tags/obfuscated" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>obfuscated</span></a> <a href="https://social.skynetcloud.site/tags/ToolHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ToolHacks</span></a></p>
IT News<p>Software Hacks Unlock Cheap Spectrometer - A spectrometer is one of those tools that many of us would love to have, but just ... - <a href="https://hackaday.com/2025/03/31/software-hacks-unlock-cheap-spectrometer/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/03/31/softwa</span><span class="invisible">re-hacks-unlock-cheap-spectrometer/</span></a> <a href="https://schleuss.online/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a> <a href="https://schleuss.online/tags/softwarehacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwarehacks</span></a> <a href="https://schleuss.online/tags/spectrometer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spectrometer</span></a> <a href="https://schleuss.online/tags/obfuscated" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>obfuscated</span></a> <a href="https://schleuss.online/tags/toolhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>toolhacks</span></a></p>