Demonstrating one of the most common methods hackers use to get into company networks and what to look out for. Full version coming soon.
Comments: 95
@RobertWallhead 3 years ago
This should be a mandatory new employee video for all companies
@martinrages 2 years ago
No, that would make my job more difficult.
@luna2.026 3 years ago
I watched disrupted video on you and I’m so glad I found your channel
@georgesanderson918 3 years ago
Yes! I love these videos so much!! Just one question, I've always been interested in reversing stuff, and I just want to know when is the next reverse engineering with IDA/Ghidra tutorial gonna be? Anyways thanks
@henchnerd9404 3 years ago
I've been looking for a video showcasing this for so long! from a cs student always hungry to learn thank you so much Marcus!
@eros4510 2 years ago
Great video, new to InfoSec but I love videos that show how easy it is to get user privilege on a box, really scares everyone else lol
@henchnerd9404 3 years ago
This is one of APT28's favorite methods of delivery so happy to see an example finally! (second comment for the algorithm)
@tehpr0lol 3 years ago
any practical advice for companies who genuinely use macros as part of their Office docs and apps - or are we just saying don't click "enable content"?
@boogaplays123 2 days ago
Didn't know you made this video i watched it like 50 times
@hitorinohitorino 1 year ago
For companies, this option would only have to be able to run VBA with their own company signature, so outside of Office or Excel files can only be run with a valid signature from their company. That's how it is with us, if I would write a VBA, the admin has to sign it to be able to run the script
@cyberc0l0mbiana 3 years ago
LOVED it! 🔥 Can’t wait for more!
@internetwarrior666 3 years ago
Marcus' cock or the video? Come on you can't be serious this video was basically a role-playing of how every skid these days is infecting each other, it's hardly apt and/or just ransomware groups.. anybody who can access any of the Russian forums and has $100 can get a UD exploit like that for their malware. The method of delivery is not even new and if you were to check the date on the CVE you would notice that Microsoft among others haven't done a very good job dealing with these exploits considering that some of them still being used date back to 2017.
@astonmuk7118 3 years ago
Marcus the geek,, this is great.!
@dalvizar4040 2 days ago
can i ask a permission to make this video a mandatory and security awareness video for my company? i will include the original owner and creator of course, i really love all your videos it's so helping for me!
@000maestro000 3 years ago
I love companies who give you gaming laptops as work laptop :) seriously though, nice presentation
@kevinalexander4959 3 years ago
yeah it's retarded. All that power and juice and size for running an Excel worksheet. Waste of money. Get an ultrabook instead! Gaming laptops are made to game, not try and show off your big lit up PC at work.
@000maestro000 3 years ago
@@kevinalexander4959 it's probably not a real work laptop though, this is just a demo...
@tiromandal6399 3 years ago
@@kevinalexander4959 So smart of you to assume they use nothing but Excel on their gaming laptops! Damn you're one helluva genius dude! You're welcome btw....
@spacifiasome2229 3 years ago
Get reverse shell possible.. but how did you open desktop on kali
@VideosNotFound 1 year ago
I never knew it was THIS easy ...
@Debarros2010 1 year ago
Any step by step how to set up this both on Win PC (The script) and on K.ali Linux PC? Thanks
@Hamidtbeigi 3 years ago
Perfect 👍
@LabEveryday 2 years ago
Good video!
@alexsec6418 1 year ago
When are you coming to teach us the full skills as a tutorials boss
@blameItleaveit 3 years ago
Simple and sweet
@no_winger 3 years ago
Information ❤️ Marcus
@didyouknowamazingfacts2790 2 years ago
I don't understand how the antivirus doesn't pick up on the malware.
@neloangelo__13 3 years ago
Hey Marcus, where did you get your FancyBear T-shirt?
@MalwareTechBlog 3 years ago
It was a gift from a CrowdStrike executive
@mayurahir9340 3 years ago
Can u make video on how to setup tor to completely anonymous on internet
@novianindy887 7 months ago
you should show what's in the VBA code. Is it not detected by AV?
@pabloturnesg 3 years ago
Why did you do it in windows 8, is it possible in win 10 updated?
@MalwareTechBlog 3 years ago
Yeah it's possible in Windows 10, I just didn't have an activated copy of MS Office in my W10 VM.
@hack-talk9098 1 year ago
@@MalwareTechBlog please for educational purpose please give us the code. A lot of white whites like us are looking up to you. Daniel from Ghana
@dalvizarkafilhamristijana1130 2 years ago
This is a really useful information sir, thanks for the informations. I'm a IT Security Officer in my company, and already experienced one case regarding to this Technique, so what must we do if we need to edit the Documents because it's important? Because the antivirus in my companies not detect the suspicious background activity whenever user click "Enable Protected View". Do I must check it with reverse engineering or just checking in virustotal to avoid Security Issues? Thanks
@hitorinohitorino 1 year ago
I recommend that you only be able to run the VBA options using company signatures. A VBA script can only be executed with a valid company signature. a must for companies only with their signature can run VBA, it's a recommended option.
@TecraTube 3 years ago
Aren't you famous or infamous or something?
@patapon3051 3 years ago
Great tutorial worked on FBI thanks!
@bdas8420 3 years ago
Bruh
@berthold9582 2 years ago
I am new to your youtube channel
@skeletron9505 1 year ago
El barto was here
@user-px4qd4ip8k 2 years ago
I love this field, but unfortunately I can't understand English. My greetings to you Abdo to Mr. Marcus.
@muudus_tv 3 years ago
I think I reverse engineered Ghidra.
@Based-Indian 3 years ago
Which tool did You use?
@internetwarrior666 3 years ago
Looks like msf with a pdf/xls macro and brain.
@damnson2806 2 years ago
What's the ASUS model?
@camillavergas7822 2 years ago
do you wish to learn more or get the best software ???
@damnson2806 2 years ago
@@camillavergas7822 I wish to know the ASUS model.
@arthurrotarmel754 1 year ago
now i get my revenge
@anujtripathi4653 3 years ago
First view ⚡⚡⚡❤
@rlynotabot 2 years ago
We've been trying to reach you about your car's extended warranty
@nikos4677 2 years ago
*for educational purposes only*
@minibit0103 3 years ago
Wouldn’t defender pick this up right away?
@syskey1402 2 years ago
It depends if it is obfuscated or not etc... Also how widely used the code is
@ivasivancic2355 1 year ago
@@syskey1402 Hey man, I would you ask some question, do you have email or whatsup or something like that, I'm just student and cyber sec researcher :) PM me :)
@yacoubakonte3146 3 years ago
Hi Marcus, how did you acquire your computer knowledge at such a young age
@peterkim9696 3 years ago
He probably doesn't understand French, haha
@farisikhmal4868 3 years ago
nice
@hjk9166 3 years ago
this is html
@mose3c96 3 years ago
I see some open malware without click enable button
@Gamer-xk8bk 1 year ago
This is because malware threat actors use different ways to compromise a system. This is just one of the ways and that is using macros as a way of dropping malware into the system.
@mose3c96 1 year ago
@@Gamer-xk8bk thanks for your reply
@sayemon10 3 years ago
holy crap
@felixayenor9090 3 years ago
My lovely hacker!
@peterkim9696 3 years ago
What about anti-virus?
@harrieswanepoel9678 3 years ago
Yeah well it’s apparently impossible to create a fud macro -> always gets detected
@root317 3 years ago
wrong
@internetwarrior666 3 years ago
@@root317 scantime it'll be FUD runtime, no.
@root317 3 years ago
@@internetwarrior666 there is always a way. Trust me i've seen some. They obfuscate the macro. Bypass amsi and load the payload. Without getting detected.
@internetwarrior666 3 years ago
@@root317 obfuscation only helps with scan time, the rest yeah but you would need to know how to write a custom shellcode injection and most services that offer the macro don't offer that to just anyone.
@root317 3 years ago
i know. it helps for static analysis. as for execution there is a lot you can do... the most basic way with powershell...
@JustTheHighlights 7 months ago
🤯
@1science2code22 3 years ago
What's your TikTok?
@MalwareTechBlog 3 years ago
MalwareTech
@TecraTube 3 years ago
Bruh, Microsoft document macros are so 90's, yet they're so perfect for today! People are morons. Then, now, and will always be 😉
@flTobi 3 years ago
I'd rather blame Microsoft for not fixing the underlying instead of putting the blame on other people. Not everyone is tech-savvy or part of the infosec community....
@TecraTube 3 years ago
@@flTobi yaa, nooo... If you were in infosec, you'd know the biggest, most prevalent security flaw in ANY system, is the human
@flTobi 3 years ago
@@TecraTube yeah and that's exactly why obvious design flaws like this should be avoided, instead of insulting the users who fall victim to these kind of scams
@superman1251 3 years ago
Jesus
@justforyoutube1319 3 years ago
Second
@kan8816 3 years ago
Where you I am Anonymous
@dangerouscoder3455 3 years ago
Exploit name
@internetwarrior666 3 years ago
Just go to exploit and buy it 😂
@yeetyeet7070 3 years ago
why is the comment section tiktokers instead of nerds now? :( don't put bad words in your title, the algorithm will ruin your channel
@reverseturingtest 3 years ago
If you don't mind me asking, what's wrong with educating the general public about malware and computer safety?
@milkiastewelde5089 2 years ago
Can you send me the code you use to hack the computer please 🙏
@ryanconorantonio732 2 years ago
i am really confused dont you have a group"?facebook ,telegram?
@awaaragaming6320 2 years ago
This computer hacking curlneltely we did your meeting for herriot and you can hack just gogle but with your passwords wo can somthing Don live rise because he can be compared to data
@DanRellex 2 years ago
We've been trying to reach you about your car's extended warranty