unSafe.sh - Unsafe
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
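The article describes a phishing technique that combines ClickFix and FileFix and uses Cache Smuggling to hide malware in the browser cache. The author proposes an improvement that stores the payload in the Exif data of a JPG image for better stealth, and shows how PowerShell can be used to extract and execute the hidden malicious code. ...
2025-10-24 19:45:0 | Views: 8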
MalwareTech - malwaretech.com
exif
payload
powershell
13371337
filefix
Every Reason Why I Hate AI and You Should Too
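The article examines the limitations of large language models (LLMs) and their place in the current AI boom. The author argues that LLMs are essentially statistical pattern-matching tools and lack genuine reasoning ability. Although current AI technology is heavily hyped and has attracted large investment, its practical value is limited. The article also notes that corporate investment in AI is driven more by fear of the future and marketing needs than by real technical breakthroughs. ...
2025-8-4 08:12:0 | Views: 22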
MalwareTech - malwaretech.com
llms
llm
reasoning
agi
humans
The US Needs A New Cybersecurity Strategy: More Offensive Cyber Operations Isn't It
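The article discusses cyber attacks between China and the US, in particular the "Salt Typhoon" incident and the debate over a "tit-for-tat" strategy that it prompted. The author analyzes China's attacks on US telecom networks and the retaliatory measures the US might take, noting that this strategy may not provide effective deterrence. The article also discusses the importance of cyber defense and stresses that the US needs to strengthen cybersecurity legislation and infrastructure protection to respond to increasingly complex cyber threats. ...
2025-3-28 05:23:0 | Views: 20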
MalwareTech - malwaretech.com
security
typhoon
wannacry
military
Exploiting the Windows Kernel via Malicious IPv6 Packets (CVE-2024-38063)
Since the latest Windows patch dropped on the 13th of August I’ve been deep in the weeds of tcpip.s...
2024-8-27 14:46:0 | Views: 66
MalwareTech - malwaretech.com
fragment
reverse
memory
Bypassing EDRs With EDR-Preloading
Previously, I wrote an article detailing how system calls can be utilized to bypass user mode EDR h...
2024-2-13 13:22:0 | Views: 20
MalwareTech - malwaretech.com
edrs
apc
appverifier
Silly EDR Bypasses and Where To Find Them
Recently I was testing some EDR’s abilities to detect indirect syscalls, and I had an idea for a qu...
2023-12-27 09:40:0 | Views: 13
MalwareTech - malwaretech.com
hardware
dword64
hooked
breakpoints
An Introduction to Bypassing User Mode EDR Hooks
Recently I got back into malware research and was going through some of my old notes for an articl...
2023-12-25 15:0:0 | Views: 18
MalwareTech - malwaretech.com
ssn
hooked
ssdt
memory
edrs
It might Be Time to Rethink Phishing Awareness
In the wake of the MGM news, I thought it a good time to discuss phishing awareness. It’s rumored t...
2023-9-21 01:57:0 | Views: 23
MalwareTech - malwaretech.com
phishing
security
lures
victim
failing
A Realistic Look at Implications of ChatGPT for Cybercrime
Recently there’s been a lot of bold claims about how ChatGPT is going to revolutionize the cybercri...
2023-2-21 21:15:0 | Views: 26
MalwareTech - malwaretech.com
chatgpt
phishing
python
chrome
translate
TikTok is a National Security Risk, Not A Privacy One
Yesterday lawmakers introduced a bill to ban TikTok. But is an outright ban the right course of act...
2022-12-16 01:15:0 | Views: 18
MalwareTech - malwaretech.com
clipboard
ban
influence
gathers
posed
TikTok is a National Security Risk, Not A Privacy One
Yesterday lawmakers introduced a bill to ban TikTok. But is an outright ban the right course of act...
2022-11-25 02:58:0 | Views: 6
MalwareTech - malwaretech.com
clipboard
ban
influence
security
starbucks
Everything you need to know about the OpenSSL 3.0.7 Patch (CVE-2022-3602 & CVE-2022-3786)
Discussion thread: https://updatedsecurity.com/topic/9-openssl-vulnerability-cve-2022-3602-cve-2022...
2022-11-1 18:27:40 | Views: 13
malwaretech.com
client
malicious
software
overflow
windows
[Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1)
May 03, 2022 | Videos | Vulnerability Research | Marcus Hutchins | An introduction to Use-Aft...
2022-5-3 09:22:49 | Views: 10
malwaretech.com
hutchins
marcus
malwaretech
windows
analysis
[Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis
Cyber Security, Tech, Analysis. Home Forum Speaking Sponsors About Me Contact...
2022-4-24 05:13:1 | Views: 26
malwaretech.com
analysis
security
speaking
sponsors
walking
An in-depth look at hacking back, active defense, and cyber letters of marque
There has been much discussion in cyber security about the possibility of enabling the private sect...
2021-11-18 03:16:16 | Views: 10
malwaretech.com
attacker
whilst
acdc
defenders
security
How I Found My First Ever ZeroDay (In RDP)
Up until recently, I’d never tried the bug hunting part of vulnerability research. I’ve been revers...
2021-1-1 07:36:41 | Views: 17
malwaretech.com
client
bluekeep
windows
mouse
microsoft
BlueKeep: A Journey from DoS to RCE (CVE-2019-0708)
Due to the serious risk of a BlueKeep based worm, I’ve held back this write-up to avoid advancing t...
2019-9-7 07:21:50 | Views: 34
malwaretech.com
paged
shellcode
memory
vtable
windows
DejaBlue: Analyzing a RDP Heap Overflow
In August 2019 Microsoft announced it had patched a collection of RDP bugs, two of which were worma...
2019-8-20 00:23:17 | Views: 7
malwaretech.com
v11
0x2000
decompress
dvc
YouTube’s Policy on Hacking Tutorials is Problematic
Recently YouTube changed its policy on “hacking” tutorials to an essential blanket ban. In the past...
2019-7-4 07:57:17 | Views: 10
malwaretech.com
youtube
unethical
ethical
security
gun
Analysis of CVE-2019-0708 (BlueKeep)
I held back this write-up until a proof of concept (PoC) was publicly available, as not to cause an...
2019-6-1 06:1:3 | Views: 13
malwaretech.com
t120
mcsportdata
ctxtw