I'm happy to announce that I'll be presenting "yaramail: Open Source Phishing Triage Automation" at this year's Central Ohio ISSA InfoSec Summit. I'll explain how to use my open source tool to automate triage of reported phishing emails by up to 75%! Register ASAP! https://www.infosecsummit.com/website/44575/home/

It's the same talk I presented late last year at Hackers Teaching Hackers. This time, I'm hoping the venue will be able to record the talk for everyone to see later — particularly for the Q & A at the end.

#InfoSec #phishing #YARA #Python #Automation #SOAR #DFIR #ISSA #COISSA #COISSA #COISSAInfoSecSummit

Here's another reason why you should share malware distribution sites on #URLhaus ⬇️⬇️⬇️

We push confirmed malware domains to major public DNS providers, protecting billions of internet users world wide from getting infected with malware 🛡️🪲🛑

Participate in the growing community and contribute confirmed malware sites to URLhaus 🤝 Together we are strong! 💪

👉 https://urlhaus.abuse.ch/browse/

Sharing is caring ❤️

Google search malvertisement for Tor browser leads to Racoon Stealer.

First time I've seen the use of a password on the archive. I had lobbed the sample into VT only to get zero hits. Very unusual. Poking at it I saw that it was password protected and lo behold it was plainly on the site I got it from. Extracted the sample, ZIP'd it back up without a password and fed it to Triage.

tor-vpn[.]com/tor/

2759bf133d68f3fdd6f3c53a4e27634fe9cc90b6df1d852e5854f4bf1a248edc torbrowser-install-win64-12.0.2.rar

https://tria.ge/230206-bng3qafa3v

h/t @cocaman
#malvertising #ioc #ThreatIntel #RacoonStealer

🆕 Just published a new blog post on an #Android #stalkerware analysis:

https://andpalmier.com/posts/stalkerware-analysis/

I’m a frickin genius.

Context: my kid is mildly allergic to citric acid and citric fruit. Brings out eczema. And citric acid is in SO many things. And it’s painful checking ingredients lists for it.

This morning I wondered: can my phone OCR the ingredients list and check it?

My first thought was to make a little web app. But there doesn’t seem to be a OCR in web browsers yet.

But I KNOW my phone can get text from images.

Then…

Apple Shortcuts!!!

CHECK THIS OUT!!!

Promotion of Alternative Social Platforms Policy | Twitter Help https://help.twitter.com/en/rules-and-policies/social-platforms-policy

lol… Elon’s “free speech”

New episode of DISCARDED! We're joined by Sam Scholten and @chicagocyber to talk multi-persona impersonation and using social validation to trick people into engaging with BEC and APT actors. Tune in wherever you get your pods!

Apple: https://podcasts.apple.com/us/podcast/discarded-tales-from-the-threat-research-trenches/id1612506550?i=1000587998591
Spotify: https://open.spotify.com/episode/4LabD3St2qtHyGqAZgrdFJ?si=c9e29c300c3c408f