🔎New #ABE #bypass spotted ITW
#VoidStealer is the first #infostealer to weaponize a debugger-based technique that extracts the v20_master_key straight from browser memory, requiring neither privilege escalation nor code injection, making it significantly stealthier than existing methods – a truly elegant (and scary) technique.
Full technical analysis ↓ gendigital.com/blog/insights/…R
IoC: f783fde5cf7930e4b3054393efadd3675b505cbef8e9d7ae58aa35b435adeea4
#infostealer #threatresearch #Chrome #malware #abe_bypass
Manual DLL debugging takes time.
My "first view" approach:
1. DLL → EXE
2. TinyTracer to capture API behavior
Quickly reason about malicious actions before deep analysis.
#dll_to_exe #TinyTracer #BareTail
In the renewable energy sector, an attack targeted at least 30 wind and solar farms in Poland. The attack resulted in a loss of communication between the facilities and distribution system operators (DSOs), but it did not affect ongoing electricity generation.
#IOCs #APT #Wiper
or Incident Report 2025
github.com/blackorbird/AP…
#Sandworm DynoWiper update: Technical analysis and attribution
welivesecurity.com/en/eset-resear…
dragos 2025 poland attack report
github.com/blackorbird/AP…
mb new #wiper #malware (#ironzero #doublezero) sample likely used (or attempted to be delivered) against #Ukrainian entities/infrastructures. MD5 c74355fbaea7c49b7ceecb420edfe75c (VT). It appears to invoke NtFsControlFile with 0x980C8, to mark bytes as unallocated. #APT
Enjoy the free #magnumdb tool: magnumdb.com ("Magic Number DataBase"), just updated today with Windows SDK & DDK v10.0.26100.0.6584, K/U MDF, WinAppSDK latest. Now includes 537428 values/names, 200000 GUIDs of all sorts (IID, CLSID, etc.). #winapi #win32 #sdk #ddk 🥳🍸