Jul Ismail
julismail.bsky.social
Lecturer, love sports, malware, security, books and movies
Https://julismail.staff.telkomuniversity.ac.id
Reposted by Jul Ismail
The Google Cloud security team has spotted Chinese cyber-espionage group APT41 deploy the TOUGHPROGRESS malware in recent attacks, a backdoor that uses Google Calendar as a command-and-control channel

cloud.google.com/blog/topics/...
May 29, 2025 at 12:13 PM
Reposted by Jul Ismail
A cybercrime group is applying to real jobs using malicious resumes that deploy malware. Security firm Arctic Wolf linked the attacks to a group known as Venom Spider, or TA4557.

arcticwolf.com/resources/bl...
Venom Spider Uses Server-Side Polymorphism to Weave a Web Around Victims - Arctic Wolf
Arctic Wolf Labs discovered a new campaign targeting corporate HR departments with fake resumes that drop a malicious backdoor called More_eggs onto their devices.
arcticwolf.com
May 6, 2025 at 9:21 AM
Reposted by Jul Ismail
My RECon 2024 presentation is now online!

Check it out if you're at all interested in some novel Android Malware techniques!

(I also released a tool for some clever auto-decompilation)
April 4, 2025 at 5:50 PM
Reposted by Jul Ismail
🐝💻 Ukrainian drones are now being used to conduct minor cyber operations against Russia, - Forbes

According to Russian video, the variants of malware on the Ukrainian drones are "burning out the USB port, preventing reflashing, or hijacking the repurposed FPV and revealing the operator location."
April 3, 2025 at 11:57 AM
Happy Eid, please forgive me for any wrongs, Taqabbalallahu minna wa minkum, Eid Mubarak
March 30, 2025 at 11:17 PM
Reposted by Jul Ismail
Hello, I wrote a new blog analyzing a sample from a recent APT37 phishing attack.

zw01f.github.io/malware%20an...

Would love to hear your feedback!
#RokRat #APT37 #ScarCruft #malware #APT #MalwareAnalysis #Infosec
APT37 - RokRat
An in-depth analysis of APT37’s latest campaign leveraging fileless RokRat malware
zw01f.github.io
March 9, 2025 at 10:09 PM
Reposted by Jul Ismail
Malware Infects Linux and macOS via Typosquatted Go Packages

Socket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the…

#hackernews #news
hackread.com
March 7, 2025 at 7:55 PM
Reposted by Jul Ismail
A new botnet named PolarEdge has secretly infected over 2,000 devices over the past two years.

French security firm Sekoia has found the botnet's malware on Cisco and ASUS routers, and QNAP and Synology NAS devices.

blog.sekoia.io/polaredge-un...
February 25, 2025 at 12:17 PM
Reposted by Jul Ismail
Malware variants that target operational tech systems are very rare – but 2 were found last year
Fuxnet and FrostyGoop were both used in the Russia-Ukraine war.
Two new malware variants specifically designed to disrupt critical industrial processes were set loose on operational technology networks last year, shutting off heat to more than 600…
dlvr.it
February 25, 2025 at 11:03 AM
Reposted by Jul Ismail
"Between early November and December 2024, Palo Alto Networks researchers discovered new Linux malware called Auto-color."

Was used to target universities and government offices in North America and Asia, so prolly an APT here

unit42.paloaltonetworks.com/new-linux-ba...
February 25, 2025 at 10:32 AM
Read my latest #research on #malware, MIDALF—multimodal image and audio late fusion for malware detection published with
@springernature.com
in Eurasip Journal
rdcu.be/eaq8k
MIDALF—multimodal image and audio late fusion for malware detection
rdcu.be
February 21, 2025 at 4:24 AM
Reposted by Jul Ismail
#ESETresearch analyzed a campaign by #DeceptiveDevelopment targeting developers with trojanized coding tests. Posing as recruiters, the operators approach their targets on job-hunting platforms, aiming to steal their cryptocurrency wallets and more.
www.welivesecurity.com/en/eset-rese...
🧵 1/6
DeceptiveDevelopment targets freelance developers
ESET researchers have observed a cluster of North Korea-aligned activities that they named DeceptiveDevelopment and where its operators pose as headhunters and serve their targets with software projec...
www.welivesecurity.com
February 20, 2025 at 8:33 PM
Reposted by Jul Ismail
NEW: Hackers modified a video game to lace it with malware and then put it on Steam with the goal of stealing gamers' passwords — and for a few days, it worked.

Researchers found that the malware is Vidar, and the game was built on top of a pre-existing video game template.
Hackers planted a Steam game with malware to steal gamers' passwords | TechCrunch
Researchers found that PirateFI was never designed to be a real game, but a vehicle to infect gamers with malware and steal their passwords with an infostealer called Vidar.
techcrunch.com
February 18, 2025 at 5:26 PM
Reposted by Jul Ismail
🚨 Warning to Cybersecurity Researchers: A fake PoC exploit for is circulating, targeting Microsoft's LDAP vulnerability. It delivers info-stealing malware disguised in malicious repositories.

Read: hackread.com/fake-poc-exp...

#CyberSecurity #InfoSec #Malware #Scam
Fake PoC Exploit Targets Cybersecurity Researchers with Malware
hackread.com
January 11, 2025 at 1:56 PM
Reposted by Jul Ismail
The U.S. Department of Justice announced today that the FBI has deleted Chinese #PlugX malware from over 4,200 computers in networks across the United States. #Malware #MustangPanda #CyberSecurity www.bleepingcomputer.com/news/securit...
FBI wipes Chinese PlugX malware from over 4,000 US computers
www.bleepingcomputer.com
January 15, 2025 at 12:29 AM
Reposted by Jul Ismail
Hewlett Packard report that they are spotting AI-generated malware in the wild, not through complex analysis or watermarking, but because… it is weirdly well-commented. https://threatresearch.ext.hp.com/wp-content/uploads/2024/09/HP_Wolf_Security_Threat_Insights_Report_September_2024.pdf
December 26, 2024 at 4:01 PM
Reposted by Jul Ismail
Malware botnets exploit outdated D-Link routers in recent attacks
Two botnets tracked as 'Ficora' and 'Capsaicin' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions.
www.bleepingcomputer.com
December 30, 2024 at 7:42 AM
Reposted by Jul Ismail
Zscaler has discovered a new malware family named NodeLoader that's written in Node.js and works to distribute crypto-miners and information stealers to infected Windows systems

www.zscaler.com/blogs/securi...
NodeLoader Exposed: The Node.js Malware Evading Detection
A technical analysis of how a malware campaign using a game cheat lure leverages Node.js to distribute XMRig, Lumma and Phemedrone Stealer.
www.zscaler.com
December 14, 2024 at 5:25 PM
Reposted by Jul Ismail
🚨 Malware exploits Avast's anti-rootkit driver to gain kernel-level access and terminate key security processes 💻🛡️

✅ Implement #BYOVD safeguards and deploy expert rules to block vulnerable drivers.

Read: hackread.com/malware-avas...

#CyberSecurity #Malware #Avast
Malware Exploits Avast Anti-Rootkit Driver to Bypass Security Software
Malware exploits legitimate Avast anti-rootkit driver to disable security software. Trellix researchers uncover the attack & provide mitigation steps.
hackread.com
November 25, 2024 at 12:51 PM
Check the candidates' political-dynasty and business affiliations, as well as their involvement in corruption cases, before you vote, guys: rekamjejak.net/kandidatpilk...
Pilkada 2024
rekamjejak.net
November 26, 2024 at 11:15 AM