dingusxmcgee

49 Followers
131 Following
332 Posts
Husband, Dad and Incident Responder.
Incident Response and Threat Detection at $company
Very Amateur Malware Analysis Blog:
https://blog.dingusxmcgee.com
@t nice bro nice
@cxiao jd Vance: “u up?”

Recently joined a cool IR/Threat Intel focused community on discord and the creator just built an awesome blog platform on GitHub for sharing articles on malware analysis/reverse engineering/incident response.

You can post directly to the blog itself, or link your external blog and it looks and functions really well!

Check it out at https://irchaos.club !

Incident Response Chaos Club

Incident Response Chaos Club - embracing the chaos of cybersecurity through DFIR, incident response, and security research.

🦀 I'm excited to announce that I am starting a training firm, @decoderloop, focused on providing Rust Reverse Engineering training! https://decoderloop.com/

The tools, techniques, and resources that reverse engineers have were built for the era of C. Meanwhile, malware authors and software developers alike are rapidly switching to modern programming languages such as Rust. Decoder Loop is here to fill the knowledge gap and level the playing field, for reverse engineers facing modern binaries.

We hope to come to a conference near you, next year. If you'd like to stay notified on upcoming trainings: follow us at @decoderloop, or sign up on our mailing list at https://decoderloop.com/contact/#training-signup-form

I'll also be at @ringzer0 COUNTERMEASURE on November 7 in Ottawa, Canada, giving a Rust RE focused workshop! Come say hi if you're there, and let's chat Rust RE!

#ReverseEngineering #MalwareAnalysis #rust #rustlang #infosec #training #cybersecurity

Decoder Loop | Reverse Engineering Training

The amazing @cxiao is offering training at https://decoderloop.com for
#Rust #Malware #ReverseEngineering 😱
Her insight is absolutely priceless, she's taught me all I know about this. If you are organizing an event: This is the state-of-the-art training you are looking for.
Decoder Loop | Reverse Engineering Training

In a recent IR case I had to review Dameware Remote Everywhere Logs, and, being a lover of RMM logs far and wide, I like to try and glean as much from them as possible. I was disappointed when I could not find any overview of these logs on the interwebs, so I decided to write a reference with as much detail as I could from my own testing.

Please let me know if you have anything I should add or anything is incorrect!

Hope this can be useful to you in the future 🙂

https://blog.dingusxmcgee.com/blog/2025/10/13/Dameware-Remote-Everywhere-Log-Reference.html

Dameware Remote Everywhere Log Reference

An important part of an incident response investigation is reviewing logs. Whether they come from disparate, disconnected systems or from a central SIEM, log review is critical to understanding system and user activity as well as gauging risk and impact. In this post, we’re going to look at Dameware Remote Everywhere logs.

Malware Analysis with Dingus
@nopatience @cR0w dinner tonight is RCE, and for dessert? RCE. Hope you’re hungry!

@cR0w pushed out a quick and dirty overview of what I found in the contents of the malicious template files, followed by a backdoor for additional execution.

https://blog.dingusxmcgee.com/blog/2025/10/06/Its-Java-All-The-Way-Down.html

It’s Java All The Way Down

On October 5, 2025, Oracle posted about a freshly exploited CVE, Oracle E-Business Suite CVE-2025-61882. Link. Let’s take a peek in this quick and dirty blog post.

Malware Analysis with Dingus

Quick and dirty blog post on observed malicious java code as a result of exploitation of recent Oracle CVEs.

Please let me know if I goofed anything up, not a Java expert for sure :D

https://blog.dingusxmcgee.com/blog/2025/10/06/Its-Java-All-The-Way-Down.html
Backdoor in "AppSuite PDF Editor": A Detailed Technical Analysis

Some threat actors are bold enough to submit their own malware as a false positive to antivirus companies and demand removal of the detection. This is exactly what happened with AppSuite PDF Editor.