#MalwareAnalysis

2025-05-05

Excited to teach my class on software deobfuscation in Paris at @hexacon_fr Oct 6–9, 2025!
Learn advanced techniques to defeat state-of-the-art obfuscation in DRMs & APT malware.

hexacon.fr/trainer/blazytko/

#reverseengineering #malware #malwareanalysis #softwaresecurity

MalChela v2.1 Released: Smoother Workflows, Easier Tool Integration

🧰 A Toolkit That Grows With You

Version 2.1 of MalChela, the modular digital forensics and malware analysis launcher, is now available. This release focuses on flexibility and simplicity — especially when integrating third-party tools and refining workflows between CLI and GUI.

Whether you’re testing suspicious files, generating YARA rules, or examining malware indicators from different sources, the updated interface helps you move fluidly from one tool to another — without losing your place or rewriting commands.

🔄 Run, Re-run, Refine

One of the most helpful improvements in 2.1 is the ability to quickly rerun tools with updated arguments. There’s no need to backtrack or manually rebuild command lines. Just update the Arguments field in the GUI, click Run, and MalChela will handle the rest.

If you’re pivoting between tools like mstrings, pdf-parser, or capa, the consistent interface lets you switch input, adjust flags, and review results in one console — no clutter, no confusion.

🔌 Integration Made Easy

You can now seamlessly add external tools — including Python scripts, native binaries, or custom Rust programs — using just the tools.yaml configuration file. Each tool can define:

  • Input type (file, folder, or hash)
  • Command structure
  • Where input should appear in the argument list
  • Whether it’s a script, binary, or cargo-built tool

The GUI reads these definitions and builds a dynamic interface to support them, removing the guesswork of launching external programs.

💾 One Report to Rule Them All

In past versions, you might have seen multiple output files for a single run — especially when running scripts that already saved their own logs. That’s no longer the case.

With 2.1, all tools now produce a single unified report when run through the GUI. Even scripts that don’t natively generate output will have their results captured and saved by MalChela, giving you clean, consistent documentation for every tool.

🐚 CLI Power, GUI Convenience

MalChela still supports CLI-based workflows (cargo run -p toolname) and a menu-driven terminal launcher. But the GUI now offers a refined experience for analysts who want more visibility, easier input selection, and better organization of results — without losing the precision of command-line control.

🚀 Try It Out

MalChela is open-source and free to use. You can:

🎥 A Video Tour

If you haven’t seen it yet, be sure to check out the YouTube video where I walk through some of the different functions in MalChela in the new GUI, stepping through basic static analysis to yara rule writing – all in minutes.

πŸ™ Thank You

A huge thank you to the community of forensic analysts and developers who continue to test, refine, and inspire this project. If you have feedback, feature ideas, or tools you’d like to see integrated β€” reach out, submit a PR, or just let me know what’s working.

#DFIR #digitalforensics #Forensics #MalChela #Malware #MalwareAnalysis #malwareanalysis #opensource #Rust #rustlang #threatintel #yara

2025-05-02

Our Houston-based client is looking for a 👉 remote 👈 (must be in Mexico) Senior Email Security Analyst with experience with Abnormal Security or a similar email security platform. If you're interested, please apply in English:

recruiterflow.com/nsc/jobs/38

#Remote #WFH #Mexico #EmailSecurity #AbnormalSecurity #MalwareAnalysis #Phishing #Nearshore #CybersecurityJobs

Stratosphere Research Laboratory @stratosphere@infosec.exchange
2025-05-01

📱 Can honeypots keep pace with next-gen smishing?

We’re excited to welcome Sharad Agarwal to #Honeynet2025 in Prague to present Staying Up-to-Date with SMS Scams — showcasing a honeypot catching real-world scams across SMS, RCS, and iMessage.

📅 June 2–4, 2025
🔗 prague2025.honeynet.org

#honeynet #cybersecurity #deception #honeypots #infosec #prague #praguetoday #SecurityConference #ThreatIntel #MalwareAnalysis #PragueEvents

Stratosphere Research Laboratory @stratosphere@infosec.exchange
2025-04-30

🕵️‍♀️ Can attackers spot open-source honeypots before taking the bait?

We’re excited to welcome Anastasiia Dorosh to #Honeynet2025 in Prague to present Detecting Open-Source Honeypots — uncovering subtle signs in Cowrie, Conpot, Dionaea, Glastopf, and how detection can be scaled with tools like Nuclei.

📅 June 2–4, 2025
🔗 prague2025.honeynet.org

#honeynet #cybersecurity #deception #honeypots #infosec #prague #praguetoday #SecurityConference #ThreatIntel #MalwareAnalysis #PragueEvents

Stratosphere Research Laboratory @stratosphere@infosec.exchange
2025-04-30

🤖 How do botnets quietly stage malware before an attack — and how can we catch them?

We’re excited to welcome Murtuza Ali to #Honeynet2025 in Prague to present Bot-any of Stagers — exploring RCE botnets, reactive telescopes, and new disruption methods.

📅 June 2–4, 2025
🔗 prague2025.honeynet.org

#honeynet #cybersecurity #deception #honeypots #infosec #prague #praguetoday #SecurityConference #ThreatIntel #MalwareAnalysis #PragueEvents

2025-04-28

I recorded a brief video, walking through some of the different functions in MalChela in the new GUI, stepping through basic static analysis to yara rule writing - all in minutes.

youtu.be/hI1EqojI1DA

#DFIR #MalwareAnalysis #YARA #MITRE #Rust

MalChela: github.com/dwmetz/MalChela

Blog: bakerstreetforensics.com

Stratosphere Research Laboratory @stratosphere@infosec.exchange
2025-04-25

🤖 Can generative AI fake a shell convincingly enough to fool attackers?

We’re excited to welcome Muris Sladić to #Honeynet2025 in Prague to present VelLMes — an LLM-powered deception framework simulating SSH, MySQL, POP3 & more.

📅 June 2–4, 2025
🎟️ Early birds open!
🔗 prague2025.honeynet.org

#honeynet #cybersecurity #deception #honeypots #infosec #prague #praguetoday #SecurityConference #ThreatIntel #MalwareAnalysis #PragueEvents

Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af: @youranonriots@kolektiva.social
2025-04-24

In a previous article of JPCERT/CC Eyes, we reported on SPAWNCHIMERA malware, which infects the target after exploiting the vulnerability in Ivanti Connect Secure. #MalwareAnalysis #CyberSecurity
blogs.jpcert.or.jp/en/2025/04/

Lenin alevski 🕵️💻 @alevsk@infosec.exchange
2025-04-23

New Open-Source Tool Spotlight 🚨🚨🚨

Mandiant's `capa` analyzes executable files to pinpoint their capabilities. From detecting HTTP communications to identifying persistence mechanisms, it helps analysts assess malware functionality quickly. Supports PE, ELF, .NET, shellcode, and sandbox reports. #malwareanalysis #cybersecurity

🔗 Project link on #GitHub 👉 github.com/fireeye/capa

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Bob Thomson @bobthomson70
2025-04-22

The dangers of cheap IOT smart devices and malware. Takeaway: be highly suspicious of even something so innocent seeming as a photo frame.

@cirriustech

gist.github.com/iansinclair/c3

Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af: @youranonriots@kolektiva.social
2025-04-21

Experts report that a new social engineering technique is using ClickFix Captcha to deliver malware like Qakbot, effectively bypassing traditional security measures and posing a significant threat. #MalwareAnalysis #CyberSecurity darkatlas.io/blog/delivering-t

2025-04-18

Whoa, seeing a serious evolution in malware campaigns lately! 🤯 Multi-stage attacks? They're definitely gaining traction, mainly because they're so good at slipping past detection systems. We're talking attack chains like Email -> Zip -> JavaScript -> PowerShell – it's turned into a real gauntlet for security teams to navigate.

Here’s something that keeps catching my eye, though: way too many companies seem to be leaning *very* heavily on just their automated tools. Look, automation is absolutely vital, no doubt about it. *But*, when you're facing down these increasingly sophisticated threats, you really can't skip having experienced penetration testers in the mix.

Why? Because these pros think like the attackers. They actively hunt for those sneaky vulnerabilities that automated tools often just don't catch.

So, it really begs the question: Are businesses *truly* investing enough in their offensive security measures, or is this an area where corners are being cut?

#Pentest #MalwareAnalysis #Security

2025-04-17

With our team at Stratosphere Laboratory AIC FEE CTU, we are organising this year's Honeynet Project Workshop 2025 in Prague!

It will be a unique space to share your passion for deception technologies, honeypots, and cybersecurity with industry leaders and fellow researchers!

🔔 We are looking for sponsors who want to support deception research!
🔔 Early birds are still open until April 29th! Grab your tickets!
🔔 Last days to submit your training and talks proposals!
🔔 Students can apply for a Cédric Blancher Memorial Scholarship!

This is the first time the conference is coming to Prague, with previous editions hosted in Copenhagen (2024), Innsbruck (2019), Taipei (2018), Canberra (2017), San Antonio (2016), Stavanger (2015), Warsaw (2014), Dubai (2013), San Francisco (2012), Paris (2011), Mexico City (2010) and Kuala Lumpur (2009).

What a unique opportunity!

🔗 prague2025.honeynet.org/

Boost and help us spread the word! 👾

#honeynet #cybersecurity #deception #honeypots #infosec #prague #praguetoday #SecurityConference #ThreatIntel #MalwareAnalysis #PragueEvents

Lenin alevski 🕵️💻 @alevsk@infosec.exchange
2025-04-11

New Open-Source Tool Spotlight 🚨🚨🚨

Want a Windows VM tailored for malware analysis and reverse engineering? FLARE-VM automates setup with Chocolatey and Boxstarter, offering a curated toolbox. Just meet the requirements: Win10+, PowerShell5+, 60GB+ disk. Ideal for secure sandboxing. #ReverseEngineering #MalwareAnalysis

🔗 Project link on #GitHub 👉 github.com/fireeye/flare-vm

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️
