Yorick Koster Retweeted
Microsoft will no longer require users to enter a password to access their accounts. Instead, they'll have to use an app, a verification code or facial recognition. Check it out
pic.twitter.com/9I379X0MZL
Yorick Koster Retweeted
#cerberus_v4 Android banking trojan src and builder panel leak is a fact, we are already seeing an increase in new samples. pic.twitter.com/gC3DsKOrWE
Yorick Koster Retweeted
The Community Kit has been growing and now has 60+ projects. The research behind these projects is fantastic. Thanks to everyone who has shared their work. Consider following me and @CoreAdvisories for updates. https://cobalt-strike.github.io/community_kit/
Yorick Koster Retweeted
As @splinter_code mentioned, the use of a .JS: (and other) URI can result in pretty trivial code execution of a local script: https://twitter.com/splinter_code/status/1437536703040917509 … IE seems to prompt before using URIs. However, Word using the ITW exploit works fine. Perhaps this is why it's so complicated? pic.twitter.com/3LssUERu27
Yorick Koster Retweeted
As we promised on Friday, here is an update to our blog on #SOVA, describing all the new features implemented, like 2FA grabber and automated session stealer. https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html#updates …
Yorick Koster Retweeted
After testing another CVE-2021-40444 sample that works with html+cab payload on a remote web server, I can now confirm that "mhtml:" and "x-usc:" are not needed in the remote OLE URL for the exploit to work. But the double URL http:...!http:... seems required. https://twitter.com/decalage2/status/1436085507663056898 …
Yorick Koster Retweeted
CVE-2021-40444 PoCs are being shared on private forums. We will now share the PoC we received. However, additions have been made to what we are releasing. It contains 3 HTML script variants. https://vx-underground[.]org/tmp/CVE-2021-40444.rar pic.twitter.com/fqqmTERETv
Yorick Koster Retweeted
Not sure if Microsoft fixed this (my VM is unpatched). But it works in explorer preview mode via RTF: https://twitter.com/buffaloverflow/status/1435596990650503168 … pic.twitter.com/H5cdmL8tpX
Yorick Koster Retweeted
btw, it's not just CVE-2021-40444 that this trick is useful for. For example, it works for other RTF-based vectors too, e.g. https://www.securify.nl/blog/click-me-if-you-can-office-social-engineering-with-embedded-objects … https://twitter.com/buffaloverflow/status/1435607956205326336 … pic.twitter.com/CJrLA2JlbH
Yorick Koster Retweeted
Several banking, #cryptocurrency wallets, and shopping apps are the target of a newly discovered #Android trojan that could enable attackers to siphon sensitive data from infected devices, including credentials and open the door for on-device fraud. https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html …
Yorick Koster Retweeted
The new campaign comes with new features:
- 2FA stealer
- Country checks to defend CIS devices
- Telegram API support to receive information
- Emulator checks
- Manufacturer specific modules
- App download support
Stay tuned, we will update our blog to tell you more!
Yorick Koster Retweeted
A new banking trojan S.O.V.A with great ambitions discovered: cookie stealing becoming a new trend. Check out our new blog #sova: https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html …
Yorick Koster Retweeted
#Cabassous (#FluBot) 4.9 is out with new overlay targets for Android banking apps in USA, UK, Ireland + Crypto wallets! pic.twitter.com/pwHYY7T4UN
Yorick Koster Retweeted
Bad news about CVE-2021-40444 detection: after some tests, I can confirm that the remote object URL can be a simple URL, no need for mhtml, x-usc or even the double URL. So no way to detect CVE-2021-40444 just by looking at the URL, you need to get the remote object to find out. https://twitter.com/decalage2/status/1435640605149908992 …
Yorick Koster Retweeted
Good thread on the activeX vuln https://twitter.com/JRoosen/status/1435792491899494402 …
Yorick Koster Retweeted
Early August our MTI team discovered a new Android banking trojan #SOVA with fowl intentions: cookie stealer, DDOS, Ransomware, overlays, keylogger, VNC, stay tuned for our new blog! pic.twitter.com/jTcHqug5AA
Yorick Koster Retweeted
Things discovered: 1) If you plug in enough USB VID/PID pairs, eventually you'll end up with a Windows system that no longer boots and is not repairable. 2) If you're patient/masochistic enough to single step the area around a sweet spot, you can pinpoint VID:0x0711 PID:0x5824 pic.twitter.com/Iost9FWhao
Yorick Koster Retweeted
With a majority stake of @Solvinity in @Securifybv we can make our customers more resilient through knowledge sharing and a strong service portfolio. Watch the video: #news #cybersecurity #managedservices pic.twitter.com/KHCoYCgqO5
Yorick Koster Retweeted
We are proud to announce a strategic partnership with @Solvinity. From now on we will work together to offer our customers a safe digital environment on all fronts. Read more here: https://www.securify.nl/news/solvinity-neemt-meerderheidsbelang-in-securify … #press release #news #cybersecurity #managedservices pic.twitter.com/wTOVtdLzVP