04/25

Ghosting AMSI: Cutting RPC to disarm AV | by Andrea Bocchetti | Apr, 2025 | Medium

https://medium.com/@andreabocchetti88/ghosting-amsi-cutting-rpc-to-disarm-av-04c26d67bb80

Microsoft announces fix for CPU spikes when typing in Outlook

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-fix-for-cpu-spikes-when-typing-in-outlook/

Cyber Noir Detective

https://mr-r3b00t.github.io/cyber-detective/

Deobfuscation techniques: Peephole deobfuscation | CERT Polska

https://cert.pl/en/posts/2025/04/peephole-deobfuscation

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

https://thehackernews.com/2025/04/north-korean-hackers-spread-malware-via.html

2025 | OffensiveCon

https://www.offensivecon.org/agenda/2025.html

Baltimore City Public Schools data breach affects over 31,000 people

https://www.bleepingcomputer.com/news/security/baltimore-city-public-schools-data-breach-affects-over-31-000-people/

Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing

https://www.forrest-orr.net/post/malicious-memory-artifacts-part-i-dll-hollowing

Deploy Hidden Virtual Machine For VMProtections Evasion And Dynamic Analysis

https://r0ttenbeef.github.io/Deploy-Hidden-Virtual-Machine-For-VMProtections-Evasion-And-Dynamic-Analysis/

Craft CMS RCE exploit chain used in zero-day attacks to steal data

https://www.bleepingcomputer.com/news/security/craft-cms-rce-exploit-chain-used-in-zero-day-attacks-to-steal-data/

SAP fixes suspected Netweaver zero-day exploited in attacks

https://www.bleepingcomputer.com/news/security/sap-fixes-critical-netweaver-flaw-exploited-in-attacks/

Bypassing AMSI with Dynamic API Resolution in PowerShell - ROOTFU.IN

https://rootfu.in/bypassing-amsi-with-dynamic-api-resolution-in-powershell/

Mobile provider MTN says cyberattack compromised customer data

https://www.bleepingcomputer.com/news/security/mobile-provider-mtn-says-cyberattack-compromised-customer-data/

Code reuse in the age of kCET and HVCI - Slowerzs' blog

https://blog.slowerzs.net/posts/keyjumper/

Windows "inetpub" security fix can be abused to block future updates

https://www.bleepingcomputer.com/news/microsoft/windows-inetpub-security-fix-can-be-abused-to-block-future-updates/