New #lumma c2 panel on lummc2[.]fun with 0 detections on VT app.any.run/tasks/2d9867c3… Query used: services.http.response.favicons.md5_hash="565ac8716e4fd6028e64c29639bfede1" @ViriBack
#NorthKorean #APT28 #LazarusGroup #InvisibleFerret backdoor injected in public Node.js project start-server.js>http[://147[.124[.214[.129[:1244/j/s0HhMg2>test.js>.npl>bow & pay > 101[.106[.211[.[173[.rdns[.colocationamerica[.com[:1245 same for all OS
#APT #APT32 #OceanLotus #CobaltStrike #malware #threat 📍🇻🇳 💥🇨🇳🌏 ⛓️ #Phishing > Mal Doc > LNK run HTA > Drops LenovoDesk and Mal Dll > Dll Side-loading > Persistence > ShellCode > CobaltStrike beacon > #C2 🔗Knowsec 404 report: mp.weixin.qq.com/s?__biz=MzAxND…
A very late (due to vacation :) ) csv formatted list of #malspam campaigns that crossed my path in June to include #malware type, hashes, c2's, subjects, and email exfil addresses: gist.github.com/silence-is-bes… #retrohunt
🚩 #BruteRatel → #Latrodectus ▪ "Form_Ver-11-58-52.js" (https://firebasestorage.googleapis[.]com/v0/b/namo-426715.appspot.com/o/ PqA45bE7me%2FForm_Ver-11-58-52.js?alt=media&token=dc88189e-81de-49e9-879e-365bc76e3567 > bazaar.abuse.ch/sample/3ac8dec…) download BST.msi…
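I built GOAD, a vulnerable Active Directory environment for pentesters to practice attack techniques. l3ickey.github.io/2024-05-29-GOA…
📝 A Windows forensics guide for incident responders. It gives a rough summary of the basics, so it looks useful as a guide when starting out with IR on Windows. microsoft.com/en-us/security…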
#Shodan Query for #LummaStealer #Malware Query: http.html_hash:2013986754 asn:"AS29470" IOCs: 194.87.207[.]140 194.87.207[.]87 45.11.26[.]124 45.135.233[.]189 45.143.94[.]219 45.151.144[.]169 46.17.248[.]68 87.247.157[.]186 87.247.157[.]34
CVE-2023-50386: Apache Solr Backup/Restore APIs RCE. Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr. Poc github.com/vvmdx/Apache-S…
"TODDLERSHARK: ScreenConnect Vulnerability Exploited to Deploy BABYSHARK Variant" published by Kroll. #TODDLERSHARK, #CVE-2024-1709, #CVE-2024-1708, #KTA082, #CTI, #OSINT, #LAZARUS kroll.com/en/insights/pu…
An article explaining how SharpHound collects sessions; very informative. blog.compass-security.com/2022/05/bloodh…
"RE:archive | APT37's ROKRAT HWP Object Linking and Embedding" published by 0x0v1. #APT37, #RokRAT, #CTI, #OSINT, #LAZARUS 0x0v1.com/rearchive-rokr…
Advanced CyberChef Techniques for Configuration Extraction - Now in Blog Form 😁 A detailed look into advanced CyberChef operations applied to a config extractor (Flow Control, Registers, Regex, AES and Much Much More). 🔥 embee-research.ghost.io/advanced-cyber… #Malwareanalysis #CyberChef
DLL side-loading from a legitimate Kingsoft exe, ultimately leading to Cobalt Strike. Attackers leverage PyPI to sideload malicious DLLs reversinglabs.com/blog/attackers…
ICYMI: Lumen's @BlackLotusLabs ace CTI work on Volt Typhoon's KV Botnet, showing the power of Netflow and Temporal Analysis 🇨🇳 🔎 Lumen saw Netflow between the KV Botnet and two Guam telcos, a Guam ISP, and Guam Gov entity. 1. blog.lumen.com/routers-roasti… 2. blog.lumen.com/kv-botnet-dont…
Latest @CISACyber report is packed with details on Volt Typhoon's 🇨🇳 tradecraft - the hottest APT on the block Specifically of note are the observations of Volt Typhoon targeting OT/BMS assets, like HVAC or CCTV, and their focus on domain controllers. cisa.gov/news-events/cy…
I wrote my first blog post with @harfanglab: a primer on reverse engineering .NET AOT applications. harfanglab.io/en/insidethela… This will be interesting to people who never created FLAIR signatures in IDA.
A very good analysis report, including how it is organized. Detailed Analysis of DarkGate; Investigating new top-trend backdoor malware medium.com/s2wblog/detail…
Burp Suite 101 For Beginners🔥 #1 - Introduction and Installation: 🔗 hacklido.com/blog/621 #2 - Understanding Navigation, Dashboard, Configuration: 🔗hacklido.com/blog/624 #3 - Exploring Burp Proxy and Target Specification: 🔗hacklido.com/blog/625 #4 - Exploring Burp…