
Posts by Kyle Eaton

This was my take as well, but have you seen some tools “correct” the error?

1 month ago 0 1 0 0

You’re listed by name in the “big league” section

1 month ago 2 0 1 0

“It was not a phase”

2 months ago 2 0 0 0

im tired dude

2 months ago 2 0 0 0

remember when we got a week’s worth of news coverage when Obama called Kanye a jackass?

2 months ago 3 0 2 0

Dude, Stephen King loves the word “pallid.”

3 months ago 1 0 0 0

Thank you! I haven’t looked into writing yara x modules yet, but was thinking about a strelka scanner. Def going to see about yara x now though that’s a great idea

5 months ago 1 0 1 0

PDFs have been a constant struggle and I’ve found that this helps. Might be a little biased tho

5 months ago 4 2 1 0

I’ll be presenting at #GrrCON this year about some weird pdf detection ideas I’ve been messing with. Swing by and tell me your file format

6 months ago 3 1 0 0

People love people who use ms paint.

10 months ago 0 0 1 0
It’s a strong bug.

We don’t need AI for shitty art

10 months ago 4 1 0 0
ALT: a man in an apron is cooking in a kitchen with a sign on the wall that says no smoking

Cooking up signatures

1 year ago 2 0 0 0

Idk about y’all but I don’t plan on giving RU ops a free pass into our customer networks just because some ding dong says they aren’t a threat

If anything I might just wanna burn them with more prejudice out of spite for both regimes

1 year ago 36 9 3 3
GitHub - target/halogen: Automatically create YARA rules from malicious documents.

QR codes can be tricky just because the benign and malicious ones can be very similar. But you can use something like halogen to help generate the yara rules for testing it out. github.com/target/halogen

1 year ago 3 0 1 0

Check this episode out to hear about image lures and how we can detect them

1 year ago 4 1 2 0

www.virustotal.com/gui/file/f2a...

Also expecting to see indiandefenceforces[.]link soon

1 year ago 0 0 0 0

Haven’t seen PDFs for this yet but a new domain popped: defenceindia[.]link

1 year ago 0 0 0 0

departmentofdefence[.]link 🧐

1 year ago 0 0 1 1
threatresearch/yara/zip_file.yara at master · EmergingThreats/threatresearch: I wanted to call this repo "Nuclear Football Codes". I was outvoted..

Yara rule to match concatenated zip files. I like this one (biased) because of how we are able to avoid matching nested zip files.

More info: x.com/threatinsigh...

#yara github.com/EmergingThre...

1 year ago 14 7 2 1