Peter Kruse | Cybercrime Research @peterkruse
Peter Kruse is a cybersecurity researcher. Co-founder of CSIS Security Group, Kruse Industries, SIE-Europe & Heimdal. CARO member. CISO at Clever.
Denmark · Joined January 2009
Tweets: 13K · Followers: 14K · Following: 859 · Likes: 10K
#Censys Researchers investigated the threat actor infrastructure behind the #ArcaneDoor campaign, led by previously unknown state-sponsored threat actor #UAT4356, and found networks, certificate indicators, and software hinting at potential ties to China. censys.com/analysis-of-ar…
DropBox says hackers stole customer data, auth secrets from eSignature service - @LawrenceAbrams bleepingcomputer.com/news/security/…
This brings back some memories: This repo contains the original source-code and compiled binaries for MS-DOS v1.25 and MS-DOS v2.0, github.com/microsoft/MS-D…
By me @CSOonline Authentication failure blamed for Change Healthcare #ransomware attack csoonline.com/article/209460… (feat. experts @Azeem_Aleem, @CloudCoCoPlc, @OpenTextSec, @KrollWire)
ToddyCat is making holes in your infrastructure, securelist.com/toddycat-traff…
A self-proclaimed #APT group (APT73) has launched a bounty program spanning from $1000 to $1 million. Their primary business is #ransomware deployment. Go figure.
Microsoft has identified longstanding activity by the Russian-based threat actor we track as Forest Blizzard using a custom tool we call GooseEgg to exploit CVE-2022-38028 in the Windows Print Spooler service to elevate permissions and steal credentials: msft.it/6014YG3oI
More #investeringssvindel (investment fraud) is rolling out, in which a series of checks is performed, including browser agent, geoip, referral, cookies, etc. If they are not met, clicking on the unwanted ads lands you on a fake webshop and not on a portal for enrollment in the scam.
I did a short analysis of a #Vidarstealer being dropped from fake Bitdefender and McAfee websites: kruse.industries/l/falsk-bitdef… It’s in Danish but your favorite translator should make it readable :-)
Nice research: No, LLM Agents can not Autonomously Exploit One-day Vulnerabilities, struct.github.io/auto_agents_1_…
In the first quarter of 2024, established ransomware families like Akira, Lockbit, Play, and Phobos were still the most predominantly used in attacks observed by Microsoft. Microsoft now tracks 75 active ransomware families.
MITRE Response to Cyber Attack in One of Its R&D Networks, mitre.org/news-insights/…
I just posted a rundown on the #Medusastealer CaaS which also documents targeted campaigns against the Netherlands and Belgium: kruse.industries/l/en-analyse-a…
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm, cloud.google.com/blog/topics/th…
This #leakyCLI is probably something to keep an eye on; it covers the AWS, Google and Azure command-line tools, orca.security/resources/blog…
Detailed technical analysis into CVE-2024-3400 now available on @AttackerKb courtesy of @stephenfewer and @ChairNectar attackerkb.com/topics/SSTk336… #infosec #cybersecurity
#infosec 0day lifecycle: XZUtils 10/10 found ITW XZUtils patch XZUtils in all media XZUtils PoC release … day goes by XZUtils is OKish … day goes by PAN-OS 10/10 found ITW PAN-OS patch PAN-OS in all media … WE ARE HERE PAN-OS PoC release … day goes by PAN-OS is OKish …
For my Danish followers: This article is the most accurate I have read when it comes to finding the cause of #investeringssvindel (investment fraud), nyheder.tv2.dk/samfund/2024-0… Maybe someone in @dkpol could ask Facebook why they don't filter their outgoing traffic?
Tomorrow, May 4, the final of De Danske Cybermesterskaber (the Danish Cyber Championships) takes place at @aalborg_uni in Copenhagen. The 100 best young hackers compete for placings, and for a chance to be considered for Cyberlandsholdet (the national cyber team). Hope both #dkmedier and #dkpol are following along! @Industriensfond, @Cybersikkerhed
[2024-05-02] #Magecart #webskimmers domains Update for Palo Alto Networks list: github.com/PaloAltoNetwor… pastebin.com/qRiXRyun
2024-04-30 (Tuesday): We've found several seemingly legitimate websites hosting JavaScript-based #webskimmers. List of associated file hashes for examples of skimmer code and domains used by endpoints collecting the stolen data are available at bit.ly/3Wn4apC
🚨 Pakistan Prime Minister's Office Themed Phishing PDF File Evaded All the AV Solutions 🚨 📌 VT Detection: 0 / 63 📁 Filename: Outstanding Payment of Tender upload fee - PPRA.pdf 🔐 MD5: d4eb4cee8aeb6f2ea36afadeda9dbb23 🕵️♂️ IOCs: - http[:]//docs.mofa-services-server.top/ -…
Can anyone explain to me why one should use the Rejsekort app, then? dr.dk/nyheder/senest…
@PiaOlsen Good satire hurts those who ought to feel targeted. At the same time, satire is the finest hallmark of a free democracy: that power can indeed be ridiculed and spoken against. So just put the offence away.
@PiaOlsen There are really, really many things that worry me about the democratic conversation and democracy. Your own party has played a very important, some might say serious, role in a slide away from democratic values. Yet you choose to be outraged over a correctly labelled…
How can a 7 year old vulnerability be an 0-Day? “7-Year-Old 0-Day in Microsoft Office Exploited to Drop Cobalt Strike” hackread.com/microsoft-offi…
#phishing DK - MitID /mitid-verificere.com Domain Creation Date: 2024-04-25T22:53:09Z Registrar NICENIC INTERNATIONAL GROUP CO. VT: virustotal.com/gui/ip-address…
Imagine if @DigstDK had been far-sighted enough to make, and teach people, that ALL official government IT ran as sub-domains of e.g. borger.dk or gov.dk. That is, like e.g. mitid.gov.dk, so that it was easy to teach people what they should NOT click on.
#phishing DK - MitID Detected in realtime with SIE Europe pDNS Sensor network and analytics VT virustotal.com/gui/ip-address…
There is a bunch of websites currently #compromised with #FakeUpdate malware. Most notably: ecowas[.]int ( @ecowas_cedeao @Ecowas_cdc @BIDC_EBID ) icef[.]com (@ICEFglobal) and fup[.]edu[.]co ( @La_Fup) a full list of compromised sites can be found here: github.com/Gi7w0rm/Malwar…
#phishing DK - MitID Detected in realtime with SIE Europe pDNS Sensor network and analytics VT virustotal.com/gui/ip-address…
Seems @sekoia_io sinkholed a #PlugX C2 and observed around 100.000 devices from 127 countries connecting. Good job on this investigation 👍 blog.sekoia.io/unplugging-plu…
📌 Hunting #WyrmSpy aka AndroidControl (Android surveillance malware) C2 servers operated by #APT41 🇨🇳 ▪ Shodan: title:"AndroidControl v1.0.4" ▪ Censys: services.http.response.html_title="AndroidControl v1.0.4" 8.219.55.216 47.241.218.217 In one of the JS files of the panel…
@dimitribest @DmitriyMelikov @patrickwardle @vxunderground Android components 🔎 + 2nd stage: http://103.27.109[.]217:52202/963852741/mmfile/ads/smallmload.jar + Alleged #LightSpy core: http://103.27.109[.]217:52202/963852741/mmfile/ads/bbbb.jar (threatfabric.com/blogs/lightspy…). date=2020-11-16 filename=bbbb.jar…
A Glance into the Spyware Industry github.com/blackorbird/AP…
Unplugging PlugX - Sinkholing the PlugX USB worm botnet - #plugx #mustangpanda #worm blog.sekoia.io/unplugging-plu… (h/t @charlesmeslay, @r1chev & @sekoia_io)
Defusing the Threat of Compromised Credentials decipher.sc/defusing-the-t… #decipher #deciphersec