vx-underground

06 Apr 2024 05:08

Hello,

We've uploaded quite a few things to vx-underground, including roughly 12,000 new malware samples.

You can see the full list of additions here: https://vx-underground.org/Update%20Notes

vx-underground

05 Apr 2024 20:53

A leader from Israel's Unit 8200 made an OPSEC mistake in a book published in 2021. The mistake resulted in media outlet TheGuardian unveiling his identity today.

https://www.theguardian.com/world/2024/apr/05/top-israeli-spy-chief-exposes-his-true-identity-in-online-security-lapse

vx-underground

04 Apr 2024 17:55

Imagine trying to present an educational video to inform people about the xz backdoor and thousands of people have to see our dumb ass takes 😂😂

vx-underground

04 Apr 2024 08:26

One of our recommendations to nerds to keep up to date with stuff —allocate a binge read day.

1. Bookmark or save interesting tweets

2. Every Thursday, or Tuesday, or whatever, spend an hour, or more reviewing stuff.

3. Flex newly learned stuff to seem cool and badass

vx-underground

04 Apr 2024 00:40

tfw Tuuka can't even see what bad code looks like. Tuuka can physiologically detect bad code like he's in the Matrix

vx-underground

03 Apr 2024 20:31

Doxbin's Telegram has been banned.

vx-underground

03 Apr 2024 01:31

A group of Threat Actors operating under the monikers; IntelBroker, Sanggiero and EnergyWeaponUser claim to have compromised Acuity Inc, a Federal tech consulting firm based out of Reston, Virginia.

The Threat Actors claim to have successfully exfiltrated sensitive information on United States government personnel, and United States allies.

Some data shared shows information on individuals from the Department of Justice, Federal Bureau of Investigation, Department of Homeland Security, and Department of State. The information shared shows employee full name, government e-mail address, and government phone number (and extension if applicable).

Other snippets of data show alleged plans or operations by the United States government (not entirely sure, they're just snippets of text)

We have not verified the authenticity of these files... we're also not entirely sure how we could verify these files 🤔

We are not sure of the size or scale of the files either.

vx-underground

02 Apr 2024 20:52

Amazon has announced they're phasing out their checkout-less grocery stores.

The "Just Walk Out" technology, which was labeled as automatic, was actually thousands of Indian employees monitoring you as you walked through the store.

https://gizmodo.com/amazon-reportedly-ditches-just-walk-out-grocery-stores-1851381116

vx-underground

02 Apr 2024 20:32

Ransomware but it makes everyone watch workplace sensitivity training videos

vx-underground

02 Apr 2024 08:11

Sam Bankman-Fried looks like he's having fun amongst his new esteemed colleagues

vx-underground

01 Apr 2024 18:23

We've uploaded 85,000+ malware samples to vx-underground.

Download it.

vx-underground

01 Apr 2024 15:50

We have no April Fool's day joke planned this year. Please accept this image of a cat instead.

vx-underground

31 Mar 2024 16:16

Hello, how are you?

It is Sunday. Today is a day to rest. We hope everyone had a good week. We hope all of you have a good weekend.

vx-underground

31 Mar 2024 01:34

We made a post congratulating and praising Andres Freund for his discovery of the xz backdoor

Dorks immediately started freaking out

>i WouLd hAvE cAuGhT ThiS
>i dO bEnChMarkS liKe tHiS tOO

How about you be happy for someone? Not everything is an attack on your ego 😤😤

vx-underground

30 Mar 2024 16:11

Microsoft engineer: 500ms lag in liblzma? Something's up.

Also Microsoft engineer: 45 minute lag in Microsoft Teams? Perfect.

vx-underground

06 Apr 2024 02:07

Hello, how are you?

We are testing out an 'update' page which lists new additions. Please note there are no links to the files – you can search them yourself. However, this new listing allows you to look at new additions easier.

Have a nice day.

https://vx-underground.org/Update%20Notes

vx-underground

04 Apr 2024 22:19

Today a couple of media outlets picked up on a patent filed by Roku in 2022. In a brief summary: a patent which allows Roku to slipstream advertisements via the HDMI cable. It would allow content to be paused so advertisements can be displayed.

Link: https://patents.google.com/patent/US20230388589A1/en

vx-underground

04 Apr 2024 08:36

Everytime you see a malicious porn advertisement on Twitter do 1 push up

You in 1 week:

vx-underground

04 Apr 2024 04:47

Yesterday the United States Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion.

They spit in Microsoft's face 😭😭😭

You can read the full independent review here: https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf

vx-underground

04 Apr 2024 00:28

Tuukka Ojala is a blind software developer. He almost exclusively uses the command line. He relies on text-to-speech and braille to code.

tl;dr completely blind dude is a better coder than you

https://www.vincit.com/blog/software-development-450-words-per-minute

vx-underground

03 Apr 2024 09:45

Good morning, or afternoon, or night.

We've updated the vx-underground APT collection of March, 2024. Later today we will be updating our malware analysis collection from Malpedia. Sometime later this week we will add more papers too.

That's all we've got right now.

Love you

vx-underground

03 Apr 2024 01:09

11.50 PS4 Testkit Pup was leaked online

vx-underground

02 Apr 2024 20:33

Plot twist: companies would rather pay a ransom than watch 8 hours of sensitivity training

vx-underground

02 Apr 2024 20:27

We've updated the vx-underground "The Old New Thing" archive for March, 2024

Please read it or Raymond Chen will haunt you for 35 years

https://vx-underground.org/Archive/The%20Old%20New%20Thing

vx-underground

01 Apr 2024 23:13

Today we learned RecordedFuture's Insikt group is pronounced 'In-sikt' and NOT 'in sync'. No idea where we got the 'N' from – but we did. For several years we thought the organization was named after Justin Timberlake's hit 90's boy band

vx-underground

01 Apr 2024 17:37

Discord has announced they will begin displaying ads to boost revenue

vx-underground

01 Apr 2024 07:53

PandaBuy has been breached by Threat Actors operating under the names "Sanggiero" and "IntelBroker". Exfiltrated data includes:

- UserId
- First name
- Last name
- Phone number
- Email
- Login Ip
- Full address
- Order information

Breach patrons are relatively excited

vx-underground

31 Mar 2024 07:49

Most difficult things to do:

- Climbing Mt. Everest
- Mastering a second language
- Overcoming addiction
- Syncing Outlook

vx-underground

30 Mar 2024 22:55

JiaT75 on GitHub pretending to be an OSS enthusiast and 100% NOT a state-sponsored Threat Actor

vx-underground

30 Mar 2024 14:49

The xz backdoor was initially caught by a software engineer at Microsoft. He noticed 500ms lag and thought something was suspicious.

This is the Silver Back Gorilla of nerds. The internet final boss.