Here are my notes on using a Python virtual environment with IDA Pro:

https://williballenthin.com/post/using-a-virtualenv-for-idapython/

#idapro

A new version of #Latrodectus is out 📣🔥

Version: 1.9
Campaign: Mimikast

The corresponding botnet C2s have been caught earlier today by @r0ny_123 🎣
📡https://threatfox.abuse.ch/browse/malware/win.latrodectus/

The relevant malware sample is available on MalwareBazaar:
📄 https://bazaar.abuse.ch/sample/762d06bfa27f703890e9eda2ba03189518c87c85826621126545cf4c78f4194c/

@joxean does this sound similar to IDAPro Lumina?

Revisiting 2 of the 5 docs from the Snowden leaks that mention 'cookies'.

GCHQ 2009 on 'target detection identifiers':
https://snowden.glendon.yorku.ca/items/show/188/

NSA 2011 on 'selector types':
https://snowden.glendon.yorku.ca/items/show/172

...featuring cookie/browser IDs from Google/Doubleclick, Facebook, Microsoft and many more.

It's breathtaking how the surveillance marketing industry has still managed to claim for many years that unique personal identifiers processed in the web browser are 'anonymous', and sometimes still does.

Drafting an #idaplugin to add a few extra features to #ida

Customized IDA Exports screen to make it easier to find exports that are not just the single instruction `retn`

Check it out at: https://github.com/xorhex/IDAExtras

@qutluch @xorhex looking forward to both of you! ;)

@joxean I used both #Bindiff and #Diaphora in the past, but these days only #Diaphora because #BinDiff is lacking new algorithms/heuristics for efficient and reliable matching which I suspect, is not the case internally for Google.