Research topic of the day: Choosing a #hashfunction for 2030 and beyond - https://kerkour.com/fast-secure-hash-function-sha256-sha512-sha3-blake3
TLDR: #blake3 is cool & let's hope it picks up steam, #sha512 is the winner for integrating into current projects.
Mal eine Frage zu #crypt, #SHA512 und #base64 :
Ich habe aus einem Excel-VBA-Dokument einen base64 kodierten Passworthash samt Salt und Rundenzahl. ...
#John #JtR mag den aber leider nicht erkennen, weil er von Excel mit dem "normalen" base64 codiert wurde (zwei "==" am Ende) und die falsche Länge hätte.
Crypt verwendet aber offenbar eine "spezielle Variante" von base64. 🤔
KEnn jemand einen Weg, diesen standard-base64-hash in einen crypt-base64-hash umzuwandeln?
Blogged: Creating hashes in .NET
Реализация SHA256 и SHA512 на языке RUST
Небольшая заметка студента о том, как самостоятельно реализовать алгоритмы SHA256 и SHA512 на Rust. Статья будет полезна всем, кто интересуется криптографией, хочет повысить уровень безопасности своих приложений или просто расширить свои знания в области программирования на Rust.
https://habr.com/ru/articles/811639/
#sha256 #sha512 #rust #криптография #хэширование #хэшфункция #пошаговая_инструкция #программирование
Attachment details:
Archive unpacked: Ojo de Agua L7e4Q9T8n7H5F02948682763671061.zip (application/zip, 875.00 B)
#MD5: 6631371d736d640a36c6ab4d6c63dea6
#SHA1: 8fd44aa1bff3821d3a433e36749ea72f43a94dd9
#SHA256: 7fc51469303642006715af40b5b8b545e249e8a2a7ff1b6604565db27de0ca0d
#SHA512: e658bd018c278481c1ea5bf32d4dee533bd6448dca8ad7094807fa7c6f569203a5d2c13b2e38a323c72a35fc221139eb7432451d91a924b47973807856ecba37
https://www.filescan.io/uploads/662fd7af75339da04fa6bb92
Expanded to Name: Ojo de Agua L7e4Q9T8n7H5F02948682763671061.html
File Magic: text/#html
SHA-256: 1ea974fab990da9ca61a9c56afdcbecbe8486e0cd2cc5045fea9ab71d8347ee7
https://www.filescan.io/uploads/662fd7af75339da04fa6bb92/reports/cd4142ec-180b-4461-b82a-9c65ac07a4dd/overview looks to be a spoofed #Google page, in German. No detections!
#spammers #scammers #malicious #suspectfiles #malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR #spam #infosec #infomantionSecurity #virustotal #ABUSE #emailabuse
#filescan #virustotal
2/3
Today's #malware is a "DHL Express Inc" message with the content "FYA" and this attachment.
The SRC is 102.211.56.109 which is owned by maxko.org a #MMORPG #developer and #HostingProvider in #Sisak
IP is not currently a #openRelay and this appears to be a #compromised account with #cloudreliable.com
Archive unpacked: DHL Parcel Receipt_pdf.gz (#application/#gzip, 746.96 kB)
#MD5:
2ff3fd65c6fad4a8d0c8a3eaa83452ab
#SHA1:
e6cfce9a587b3e07801d4ac1f8dc97b2b5b9faf3
#SHA256:
6e041c223275155b530b0c1a6ebcfca0f81b312ef61b01324465883825fb8594
#SHA512:
90e3fc572aa8ed1b22501400d6a77f6fa6ad57fcc1597e935f44144892ac2819b16dce9dd1397711bbbc830401d52d932989204e53ec88ed26fda8aa64d1d008
https://www.filescan.io/uploads/66293f9d3137a4e0f3bf3311
#VT has 10/64 detections calling it #trojan.msil/#amsibypass
https://www.virustotal.com/gui/file/6e041c223275155b530b0c1a6ebcfca0f81b312ef61b01324465883825fb8594/detection/f-6e041c223275155b530b0c1a6ebcfca0f81b312ef61b01324465883825fb8594-1713966832
#spammers #scammers #malicious #suspectfiles
#malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR
#spam #infosec #infomantionSecurity #virustotal
the #malware for today was a unique upload to #VT
Under the guise of an #RFQ sourced from 155.94.211.180 - our "friends" at #quadranet #quadranetIsACesspool #quadranetDoesNotRespondToAbuseComplaints
Archive unpacked: RFQ.PDF.lzh (#application/x-rar-compressed; version=4, 790.57 kB)
#MD5:
bfd11c09d12e016a72838e3368da964a
#SHA1:
00654c1b168a06474a3a9d1ea24565f75ccb219f
#SHA256:
127363d38a9a18187a0e9244d31ab1804bc25c32638d207b53e4bdfdde44e14e
#sha512:
e221f2d41f1448325a0652c69650b7abc50e10419230659929044f103b39abc01265be9fa7c7e5af80f06a2077911d409cccda86d2581d899aa67920d5c6eaa4
Detected malicious per https://www.filescan.io/uploads/6628249675339da04f9d43fb
expands to RFQ.PDF.exe
https://www.filescan.io/uploads/6628249675339da04f9d43fb/reports/1bab72f3-3ef2-4462-8437-79e946c52bee/overview
#VT has 30/64 for detection as #trojan.#zmutzy/autoit
https://www.virustotal.com/gui/file/127363d38a9a18187a0e9244d31ab1804bc25c32638d207b53e4bdfdde44e14e/detection/f-127363d38a9a18187a0e9244d31ab1804bc25c32638d207b53e4bdfdde44e14e-1713906829
#spammers #scammers #malicious #suspectfiles
#malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR
#spam #infosec #infomantionSecurity #virustotal
#malware received 4/18/2024 under the guise of a purchase order from 51.81.91.105 : ovh.us
Not listed as an #OpenProxy
This had 2 #zip file attachments:
The first is detected by my endpoint #AV/#EDR as #Trojan.GenericKD.72435855 Filename: PO_APRIL007.zip
The second is
Archive unpacked: company profile.zip (#application/zip, 1.26 kB)
#MD5:
a11c889ac7a9b4a151316687e5470fd2
#SHA1:
539338d7ca7091aa3d4486702c7cc7f8f2f14d98
#SHA256:
b72bb3fe7f6fcc48350382a261b42000832bcde7332d94bf8b0257bf54e5e7f7
#sha512
283a88b8acee1f1ca17a75b81bc02dd1fd5dff3df6d7b396d51e1455e9dc342fb075053cbefd848f3f0dba89f76ade6a1868bd1ad6be761de8187e39e0d935c3
https://www.filescan.io/uploads/66241c163137a4e0f3bc66a2
Only 6 detections via #VT as #trojan.sload
https://www.virustotal.com/gui/file/b72bb3fe7f6fcc48350382a261b42000832bcde7332d94bf8b0257bf54e5e7f7/detection/f-b72bb3fe7f6fcc48350382a261b42000832bcde7332d94bf8b0257bf54e5e7f7-1713491357
#spammers #scammers #malicious #suspectfiles
#malware #triage
#spam #infosec #infomantionSecurity #virustotal
AFOC
Coconut@why2025
Ch M[ae][iy]e?r 🇪🇺 🤍 🇬🇱
damienbod
Habr
IrishMASMS