Released v1.3.3 of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

1. --export-png images lets you export images of the analysis

2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

3. couple of small bug fixes and debugging related command line options

You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

Never-before-seen Linux malware is “far more advanced than typical”

VoidLink includes an unusually broad and advanced array of capabilities.

Ars Technica

Tips from Nadiyno.org: how to recognise dangerous attachments in emails and protect yourself

https://peertube.eqver.se/w/iWZ4NyZS9zpXwiqUZNat2S

Nadyino_qa_1_004_en

PeerTube

Looking for models/tools to scan for and detect malicious code in open-source projects. Considering Nemotron, GPT-OSS, Qwen Coder, or is there some other fine-tuned/specialized model that would help? Need suggestions from the community! #AiAnToan #PhanTichMa #OSS #CodeSecurity #MalwareDetection

https://www.reddit.com/r/LocalLLaMA/comments/1psr8rl/looking_for_modelsprojects_to_scan_and_detect/

A new tool for Windows, GuardianX, has been released to help users detect malware and rootkits that have not yet been identified. The tool flags unsigned .exe files, hidden processes, and suspicious network connections, and lets you view the process tree for easier control. Supports Win10/11, collects no data.

#MalwareDetection #WindowsTool #Cybersecurity #GuardianX #PhầnMềmDiệtVirus #CôngCụWindows #BảoMậtMáyTính #AnNinhMạng

https://www.reddit.com/r/SaaS/comments/1pfog6b/i_made_a_windows_tool_for_find

Could a simple QR code hide a hidden threat? The fezbox npm incident revealed malware camouflaged inside a QR code, challenging everything we thought we knew about cybersecurity. Read on to see how attackers are outsmarting traditional defenses.

https://thedefendopsdiaries.com/steganographic-use-of-qr-codes-in-cybersecurity-the-fezbox-npm-package-incident/

#qrsecurity
#steganography
#npmsecurity
#malwaredetection
#cyberattacktrends

Steganographic Use of QR Codes in Cybersecurity: The Fezbox npm Package Incident

Explore how attackers used QR codes and steganography in the fezbox npm package to evade detection and deliver malware in open-source ecosystems.

The DefendOps Diaries

A QR code turned Trojan horse? A crafty npm package used hidden QR codes to smuggle cookie-stealing malware, evading detection in plain sight. How safe is our open-source world?

https://thedefendopsdiaries.com/steganographic-use-of-qr-codes-in-cybersecurity-the-fezbox-npm-package-incident/

#qrsecurity
#steganography
#npmsecurity
#malwaredetection
#cyberattacktrends

Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.

* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)

#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules

⚯ Michel de Cryptadamus ⚯

Just published version 1.16.6 of The Pdfalyzer, the surprisingly popular tool for analyzing (possibly malicious) PDFs I created after my own unpleasant encounter with such a creature. Includes a (kind of janky) #YARA rule for #GIFTEDCROOK infostealer PDFs.

* Github: https://github.com/michelcrypt4d4mus/pdfalyzer
* Pypi: https://pypi.org/project/pdfalyzer/
* Homebrew: https://formulae.brew.sh/formula/pdfalyzer

#pypi #python #pdf #pdfs #malware #Threatassessment #maldoc #malwareanalysis #homebrew #infosec #cybersecurity #yararule

Universeodon Social Media

just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.

someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.

https://universeodon.com/@cryptadamist/113642071681749608

#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules

⚯ Michel de Cryptadamus ⚯

just pushed a new release of The Yaralyzer, my unexpectedly popular tool for visually inspecting the output of #YARA scans with a lot of colors. example output below. change is small: it can now use a directory full of YARA rules files without renaming them all to end in .yara.

https://github.com/michelcrypt4d4mus/yaralyzer

someone has packaged this tool for Kali Linux though I don't know if it's in the distro yet. also available for macOS homebrew via an installer someone made for The Pdfalyzer.

Thomas Roccia at #Microsoft was also kind enough to make The Yaralyzer available via a web interface: https://x.com/fr0gger_/status/1749690000478974283

#malware #infosec #cybersecurity #kali #KaliLinux #YARArules #malwaredetection #threathunting #reverseEngineering #malwareAnalysis #reversing #yaralyze #yaralyzer #pdfalyze #pdfalyzer #detectionengineering

Universeodon Social Media