Karsten Hahn
@struppigel.bsky.social
For anyone who wants to understand certificates better and how to spot abuse,
this is a great read
certcentral.org/training
this is a great read
certcentral.org/training
November 13, 2025 at 3:12 PM
For anyone who wants to understand certificates better and how to spot abuse,
this is a great read
certcentral.org/training
this is a great read
certcentral.org/training
My #VirusBulletin2025 loot 😍
I also met someone from vxunderground and all I got was this lousy sticker
I also met someone from vxunderground and all I got was this lousy sticker
September 30, 2025 at 12:20 PM
My #VirusBulletin2025 loot 😍
I also met someone from vxunderground and all I got was this lousy sticker
I also met someone from vxunderground and all I got was this lousy sticker
IDA, why are you doing this?
I lost my work because IDA refused to save. I needed to reboot the system to get network connection again. Without network there is no licensing server available.
Surely there must be a better way to not loose work?
I lost my work because IDA refused to save. I needed to reboot the system to get network connection again. Without network there is no licensing server available.
Surely there must be a better way to not loose work?
August 27, 2025 at 3:22 AM
IDA, why are you doing this?
I lost my work because IDA refused to save. I needed to reboot the system to get network connection again. Without network there is no licensing server available.
Surely there must be a better way to not loose work?
I lost my work because IDA refused to save. I needed to reboot the system to get network connection again. Without network there is no licensing server available.
Surely there must be a better way to not loose work?
These PDF editors are functional but each contain a backdoor
➡️https://virustotal.com/gui/file/fde67ba523b2c1e517d679ad4eaf87925c6bbf2f171b9212462dc9a855faa34b
bazaar.abuse.ch/sample/17355...
URLs
pdfreplace(dot)com
pdfmeta(dot)com
pdfartisan(dot)com
appsuites(dot)ai
#TamperedChef
➡️https://virustotal.com/gui/file/fde67ba523b2c1e517d679ad4eaf87925c6bbf2f171b9212462dc9a855faa34b
bazaar.abuse.ch/sample/17355...
URLs
pdfreplace(dot)com
pdfmeta(dot)com
pdfartisan(dot)com
appsuites(dot)ai
#TamperedChef
August 20, 2025 at 3:15 PM
These PDF editors are functional but each contain a backdoor
➡️https://virustotal.com/gui/file/fde67ba523b2c1e517d679ad4eaf87925c6bbf2f171b9212462dc9a855faa34b
bazaar.abuse.ch/sample/17355...
URLs
pdfreplace(dot)com
pdfmeta(dot)com
pdfartisan(dot)com
appsuites(dot)ai
#TamperedChef
➡️https://virustotal.com/gui/file/fde67ba523b2c1e517d679ad4eaf87925c6bbf2f171b9212462dc9a855faa34b
bazaar.abuse.ch/sample/17355...
URLs
pdfreplace(dot)com
pdfmeta(dot)com
pdfartisan(dot)com
appsuites(dot)ai
#TamperedChef
Nikola Knežević created an overview of AsyncRAT forks and how they relate to each other. Great research.
#AsyncRAT #QuasarRAT
www.welivesecurity.com/en/eset-rese...
#AsyncRAT #QuasarRAT
www.welivesecurity.com/en/eset-rese...
July 16, 2025 at 5:25 AM
Nikola Knežević created an overview of AsyncRAT forks and how they relate to each other. Great research.
#AsyncRAT #QuasarRAT
www.welivesecurity.com/en/eset-rese...
#AsyncRAT #QuasarRAT
www.welivesecurity.com/en/eset-rese...
This curious wanna-be Batch virus appeared already on several systems. But why?
autoexec.NT does not work anymore and it has an endless loop that pretends to scan.
Did not find any tmp.bat yet. Not sure it even exists.
www.virustotal.com/gui/file/e28...
autoexec.NT does not work anymore and it has an endless loop that pretends to scan.
Did not find any tmp.bat yet. Not sure it even exists.
www.virustotal.com/gui/file/e28...
February 10, 2025 at 7:32 PM
This curious wanna-be Batch virus appeared already on several systems. But why?
autoexec.NT does not work anymore and it has an endless loop that pretends to scan.
Did not find any tmp.bat yet. Not sure it even exists.
www.virustotal.com/gui/file/e28...
autoexec.NT does not work anymore and it has an endless loop that pretends to scan.
Did not find any tmp.bat yet. Not sure it even exists.
www.virustotal.com/gui/file/e28...