Introduction: This diary provides indicators from a Lumma Stealer infection that was followed by Sectop RAT (ArechClient2). I searched for cracked versions of popular copyright-protected software, and I downloaded the initial malware after...
BitCoin Wallet Addresses From the Breached Forums Cybercrime-Friendly Forum Community - A Compilation
Date unknown
Dear blog readers, The following is a compilation from BitCoin wallet addresses from the Breached Forums cybercrime-friendly forum community. Here's the compilation: "BTC (SegWit)","bc1qt92z6vsrnf87ndutvrw8fdm7t5dwrlnucz7j4m","Post...
Is Aquila (Dmitry) from WASM Forum Community the Author of the Carberp Banking Malware?
Date unknown
Dear blog readers, I recently did something very interesting and I decided to share my results and findings. What I did was the following. While doing a technical collection round for malicious software I came across Carberp's source where I...
Human Trust of AI Agents
Date unknown
Interesting research: “Humans expect rationality and cooperation from LLM opponents in strategic games.” Abstract: As Large Language Models (LLMs) integrate into our social and economic interactions, we need to deepen our understanding of how...
ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)
Date unknown
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
[This is a Guest Diary by Alec Jaffe, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].] Security cameras are great at monitoring physical doors, but terrible at locking their own digital ones....
Introduction: Obfuscation is security through obscurity; its purpose is to transform a piece of code into a much more complex representation, whilst preserving the original semantics of the code. A compiler's job is to transform source code into...
Defense in Depth, Medieval Style
Date unknown
This article on the walls of Constantinople is fascinating. The system comprised four defensive lines arranged in formidable layers: The brick-lined ditch, divided by bulkheads and often flooded, 15-20 meters wide and up to 7 meters deep. A low...
ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)
Scanning for AI Models, (Tue, Apr 14th)
Date unknown
Starting March 10, 2026, my DShield sensor started getting probes for various AI models such as claude, openclaw, huggingface, etc. Reviewing the data already reported by other DShield sensors to ISC, the DShield database shows reporting of these...
Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)
Date unknown
This month's Microsoft Patch Tuesday looks like a record one, but let's look at it a bit closer to understand what is happening. The update patches a total of 243 vulnerabilities. However, 78 of them are Chromium issues affecting Microsoft Edge....
Upcoming Speaking Engagements
Date unknown
This is a current list of where and when I am scheduled to speak: I’m speaking at DemocracyXChange 2026 in Toronto, Ontario, Canada, on April 18, 2026. I’m speaking at the SANS AI Cybersecurity Summit 2026 in Arlington, Virginia, USA, at 9:40 AM...
How Hackers Are Thinking About AI
Date unknown
Interesting paper: “What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation.” Abstract: The rapid expansion of artificial intelligence (AI) is raising concerns about its potential to transform cybercrime....
ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)
BSIM explained once and for all!
Date unknown
Introduction: During our work on SightHouse, we evaluated several binary similarity engines to find one that met our needs. After thorough evaluation, we chose Ghidra's Behavioral Similarity (BSIM) feature. One key difference of BSIM compared to...
On Anthropic’s Mythos Preview and Project Glasswing
Date unknown
The cybersecurity industry is obsessing over Anthropic’s new model, Claude Mythos Preview, and its effects on cybersecurity. Anthropic said that it is not releasing it to the general public because of its cyberattack capabilities, and has...
Scans for EncystPHP Webshell, (Mon, Apr 13th)
Date unknown
Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-known credentials. But some attackers are paying attention and are deploying webshells with more...
AI Chatbots and Trust
Date unknown
All the leading AI chatbots are sycophantic, and that’s a problem: Participants rated sycophantic AI responses as more trustworthy than balanced ones. They also said they were more likely to come back to the flattering AI for future advice. And...
ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)
Happy Easter
Date unknown
Dear blog readers, Happy Easter. I wanted to let everyone know about my most recent project which I did on my own and where I intend to spend most of my time working on. It's called Cyberbuzz.org and it's basically a long dream come true where I aim...