Xavier Mertens 🇧🇪

@eeksme.bsky.social

A fork of https://twitter.com/xme

209 Followers  |  21 Following  |  39 Posts  |  Joined: 14.11.2023  |  1.643

Latest posts by eeksme.bsky.social on Bluesky

Python Bot Delivered Through DLL Side-Loading https://isc.sans.edu/diary/31778

18.03.2025 07:37 — 👍 2    🔁 4    💬 0    📌 0

Great talk! 🥳

15.03.2025 07:25 — 👍 1    🔁 0    💬 0    📌 0

Good morning from #Insomnihack! I’m here today, ping me if you want to meet!

14.03.2025 08:03 — 👍 2    🔁 0    💬 0    📌 0

Shellcode Encoded in UUID's https://isc.sans.edu/diary/31752

10.03.2025 08:30 — 👍 0    🔁 5    💬 0    📌 0

Njrat Campaign Using Microsoft Dev Tunnels isc.sans.edu/diary/31724
#SANSISC

27.02.2025 15:10 — 👍 0    🔁 0    💬 0    📌 0

Every once in a while you come across interesting PE Section names

Hello
Guy!

www.virustotal.com/gui/file/051...

19.02.2025 12:45 — 👍 8    🔁 2    💬 1    📌 1

XWorm Cocktail: A Mix of PE data with PowerShell Code isc.sans.edu/diary/31700 #SANSISC

19.02.2025 07:39 — 👍 0    🔁 0    💬 0    📌 0
You've Got Malware: FINALDRAFT Hides in Your Drafts — Elastic Security Labs During a recent investigation (REF7707), Elastic Security Labs discovered new malware targeting a foreign ministry. The malware includes a custom loader and backdoor with many features including using...

Monday morning reading with your 0xC0FFEE:
www.elastic.co/security-lab...

17.02.2025 06:30 — 👍 0    🔁 1    💬 0    📌 0

The Danger of IP Volatility isc.sans.edu/diary/31688 #SANSISC

15.02.2025 07:28 — 👍 0    🔁 1    💬 0    📌 0

Fake BSOD Delivered by Malicious Python Script https://isc.sans.edu/diary/31686

14.02.2025 12:31 — 👍 2    🔁 3    💬 0    📌 0

Following back!

07.02.2025 07:27 — 👍 1    🔁 0    💬 0    📌 0

The Unbreakable Multi-Layer Anti-Debugging System isc.sans.edu/diary/31658

06.02.2025 08:22 — 👍 0    🔁 0    💬 0    📌 0
https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/

Be honest… we all do that… taking screenshots of important information! Be careful and don’t keep them for a long time! #InfoStealer #Malware #OCR

t.co/cjI7gNLkW5

06.02.2025 08:11 — 👍 0    🔁 0    💬 0    📌 0

From PowerShell to a Python Obfuscation Race! https://isc.sans.edu/diary/31634

29.01.2025 08:41 — 👍 1    🔁 1    💬 0    📌 0

Fileless Python InfoStealer Targeting Exodus https://isc.sans.edu/diary/31630

28.01.2025 07:16 — 👍 0    🔁 1    💬 0    📌 0

Let’s wrap up the week with the malware analysis tournament! Wanna join the fun? My next class is in March in London #FOR610 #SANSEMEA

25.01.2025 08:15 — 👍 1    🔁 0    💬 0    📌 0

Make Malware Happy isc.sans.edu/diary/31560 #SANSISC

06.01.2025 07:50 — 👍 1    🔁 0    💬 0    📌 0

SwaetRAT Delivery Through Python isc.sans.edu/diary/31554

03.01.2025 06:46 — 👍 0    🔁 0    💬 0    📌 0

More SSH Fun! isc.sans.edu/diary/31542

24.12.2024 06:40 — 👍 1    🔁 0    💬 0    📌 0

Modiloader From Obfuscated Batch File isc.sans.edu/diary/31540

23.12.2024 06:33 — 👍 1    🔁 0    💬 0    📌 0

Christmas "Gift" Delivered Through SSH isc.sans.edu/diary/31538

20.12.2024 11:08 — 👍 0    🔁 0    💬 0    📌 0

Interesting read: Windows Server 2022 and MsMpEng.exe www.hexacorn.com/blog/2024/12...

20.12.2024 06:28 — 👍 2    🔁 1    💬 0    📌 0

Python Delivering AnyDesk Client as RAT isc.sans.edu/diary/31524

17.12.2024 08:02 — 👍 3    🔁 0    💬 0    📌 0

Is it me or the price of printer cartridges became really insane? @HP has a business more lucrative than #ransomware gangs! Hey Bad Guys, move to the printer business! 👿

16.12.2024 09:45 — 👍 0    🔁 0    💬 0    📌 0

“I see coins everywhere!” 😍

13.12.2024 18:48 — 👍 0    🔁 0    💬 0    📌 0

Cyber Defense #Netwars running at full speed in Frankfurt! #SANSEMEA

12.12.2024 18:18 — 👍 1    🔁 0    💬 0    📌 0

Full set of Belgian speakers at SANS@Night in Frankfurt tonight! 🇧🇪 The room was full! So exciting! #SANSEMEA

10.12.2024 18:41 — 👍 3    🔁 0    💬 0    📌 0

My last #FOR610 run for this year! Welcome Frankfurt!

09.12.2024 07:16 — 👍 4    🔁 0    💬 0    📌 0

From a Regular Infostealer to its Obfuscated Version isc.sans.edu/diary/31484 #SANSISC

30.11.2024 06:20 — 👍 1    🔁 0    💬 0    📌 0

Some attackers look like #scriptkiddies and need a GUI 😆 #Ransomware

27.11.2024 07:46 — 👍 0    🔁 0    💬 0    📌 0

@eeksme is following 19 prominent accounts