1c:I[5025,["2266","static/chunks/870fdd6f-6bc796c30d2d789b.js","6874","static/chunks/6874-1092c3b716d98184.js","3063","static/chunks/3063-d60ec0b08e19cd33.js","7698","static/chunks/7698-29ba5779557874ff.js","5801","static/chunks/app/podcast/%5BpodcastSlug%5D/%5BpodcastShortId%5D/%5BepisodeSlug%5D/%5BepisodeShortId%5D/page-b8b82ab127fe442b.js"],"default"] 1d:I[5163,["2266","static/chunks/870fdd6f-6bc796c30d2d789b.js","6874","static/chunks/6874-1092c3b716d98184.js","3063","static/chunks/3063-d60ec0b08e19cd33.js","7698","static/chunks/7698-29ba5779557874ff.js","5801","static/chunks/app/podcast/%5BpodcastSlug%5D/%5BpodcastShortId%5D/%5BepisodeSlug%5D/%5BepisodeShortId%5D/page-b8b82ab127fe442b.js"],"default"] 1e:T76c,
The Unbreakable Multi-Layer Anti-Debugging System
Xavier found a nice Python script that included what it calls the "Unbreakable Multi-Layer Anti-Debugging System". Leave it up to Xavier to tear it appart for you.
https://isc.sans.edu/diary/The%20Unbreakable%20Multi-Layer%20Anti-Debugging%20System/31658
Take my money: OCR crypto stealers in Google Play and App Store
Malware using OCR on screen shots was available not just via Google Play, but also the Apple App Store.
https://securelist.com/sparkcat-stealer-in-app-store-and-google-play-2/115385/
Threat Actors Still Leveraging Legit RMM Tool ScreenConnect
Unsurprisingly, threat actors still like to use legit remote admin tools, like ScreenConnect, as a command and control channel. Silent Push outlines the latest trends and IoCs they found
https://www.silentpush.com/blog/screenconnect/
Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities
Java deserializing strikes again to allow arbitrary code

‌

Episode description

SANS Internet Stormcast Feb 7th 2025: Unbreakable Anti-Debugging;

Episode description