Bank Security @Bank_Security
Keeping you informed on the latest cyber threats #cybersecurity #threatintelligence bank-security.medium.com
Joined September 2013
Tweets: 4K | Followers: 41K | Following: 321 | Likes: 15K
I'm a huge fan of using Obsidian for everything from a knowledgebase through to a shopping list. @Bank_Security has done a great job in this post of showing how effective it can be as a CTI tool: bank-security.medium.com/mastering-cybe…
Threat Intelligence with AI: The Power of Google Bard, Drive and Inoreader Integration medium.com/@bank-security…
Since February 2023, Microsoft has observed password spray activity by Iranian threat actor Peach Sandstorm (HOLMIUM) against thousands of orgs, likely an attempt to collect intelligence to support Iranian interests. Get TTPs, mitigation, hunting guidance: msft.it/60129e0qE
⚠️ Use Microsoft Teams? Watch out for TeamsPhisher! While it is not usually possible to send files to MS Teams users outside your org, security researchers found a bypass by manipulating Teams web requests 🔥 github.com/Octoberfest7/T… Examples of MS Teams phish lures ⬇️ 1/3
🎯#Qakbot Botnet Takedown in Operation Duck Hunt! 💻 700,000 Victim Computers 💰 $8.6m in cryptocurrency seized by DOJ 💰 Qakbot has earned $58m in ransoms 🔒 Qakbot used by Conti, ProLock, Egregor, REvil, MegaCortex, and Black Basta ransomware groups justice.gov/usao-cdca/pr/q…
Microsoft has identified a nation-state actor tracked as Flax Typhoon quietly gaining and maintaining access to organizations in Taiwan via known exploits, malware, built-in tools, and legitimate VPN software. Get the actor's TTPs and detection info: msft.it/60119RbsD
The vx-underground x @SentinelOne malware research competition has come to a conclusion and a winner has been chosen. @tr3gleos discovered an unknown malware family named "Net_Neo" which targets banking institutions primarily in Spain and Chile. sentinelone.com/blog/neo_net-t…
Microsoft has detected increased credential attack activity by the threat actor Midnight Blizzard using residential proxy services to obfuscate the source of their attacks. These attacks target governments, IT service providers, NGOs, defense industry, and critical manufacturing.
The KILLNET hacker group allegedly claims to have targeted the IBAN banking system, and they also claim to target SEPA, WISE and SWIFT. Meanwhile the "REvil" group started a poll to select the targets. #killnet #REvil #infosec #cybersecurity #cyberattack
🔍Deep-dive on #MustangPanda indicators found in @TrendMicro's latest and awesome blog 🐼 📍5.188.33.190 (hostname mail.mofa[.]gov[.]tw) revealed an intriguing ssl cert. A #Shodan pivot unveiled another hit: 23.106.123.59 which also had hostname mail.mofa[.]gov[.]tw.…
In our continuous tracking of Russian govt affiliated threat groups, Cadet Blizzard (DEV-0586) has emerged as a novel GRU-affiliated actor that's conducted destructive operations likely supporting military objectives in Ukraine. Get TTPs & protection info: msft.it/6016gmzAq
At least 20.3K Fortinet devices likely vulnerable to CVE-2023-27997 (heap buffer overflow in sslvpn pre-authentication) seen in our scans (on 2023-06-12) Fortinet advisory: fortiguard.com/psirt/FG-IR-23… Dashboard: dashboard.shadowserver.org/statistics/com… Make sure to update your FortiOS/FortiProxy!
Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now - @LawrenceAbrams bleepingcomputer.com/news/security/…
Microsoft is attributing attacks exploiting the CVE-2023-34362 MOVEit Transfer 0-day vulnerability to Lace Tempest, known for ransomware operations & running the Clop extortion site. The threat actor has used similar vulnerabilities in the past to steal data & extort victims.
A macOS vulnerability could allow an attacker with root access to bypass System Integrity Protection (SIP) and perform arbitrary operations on a device. Learn more about CVE-2023-32369, which we refer to as “Migraine”, and its patch in our latest blog: msft.it/6018gegrs
Extreme PowerShell Obfuscation: blog.cerbero.io/?p=2709 The following is valid PowerShell code: ${;}=+$();${=}=${;};${+}=++${;};${@}=++${;};${.}=++${;};${[}=++${;}; ${]}=++${;};${(}=++${;};${)}=++${;};${&}=++${;};${|}=++${;};…
Hey :) We published a #QakBot infrastructure analysis bringing some cool findings. #QakBot C2 servers are not separated by affiliate ID, identification of three upstream C2 servers located in Russia, upstream activity, etc.: team-cymru.com/post/visualizi… IOCs included 🫡 @teamcymru_S2
More actors are exploiting unpatched CVE-2023-27350 in print management software Papercut since we last reported on Lace Tempest. Microsoft has now observed Iranian state-sponsored threat actors Mint Sandstorm (PHOSPHORUS) & Mango Sandstorm (MERCURY) exploiting CVE-2023-27350.
Florian Roth @cyb3rops (180K Followers, 2K Following): Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
Nicolas Krassas @Dinosn (122K Followers, 735 Following): Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Germán Fernández @1ZRR4H (29K Followers, 575 Following): 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher at https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
blackorbird @blackorbird (28K Followers, 600 Following): Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit Need Job
Will @BushidoToken (29K Followers, 3K Following): Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil
Michael Koczwara @MichalKoczwara (18K Followers, 2K Following): Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
SentinelOne @SentinelOne (52K Followers, 1K Following): ONE autonomous platform to prevent, detect, respond, and hunt. Do more, save time, secure your enterprise: https://t.co/N75g1HAnCs 🐱💻
Clandestine @akaclandestine (36K Followers, 5K Following): | Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting |
JAMESWT @JAMESWT_MHT (35K Followers, 419 Following): #Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW
Karsten Hahn @struppigel (22K Followers, 702 Following): Malware Researcher at G DATA. Ransomware hunter. he/him 🦔🌈🏳️⚧️
James @James_inthe_box (21K Followers, 438 Following)
Samir @SBousseaden (24K Followers, 1K Following): Detection Engineering | Elastic Security Mastodon: @[email protected]
CyberKnow @Cyberknow20 (30K Followers, 3K Following): Situational Awareness | Threat Intelligence | #cybertracker | Hacktivist tracker | Meme Farmer 🇦🇺🇦🇺 Posts and Opinions are my own
rootsecdev @rootsecdev (24K Followers, 1K Following): Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
Katie Nickels @likethecoins (54K Followers, 3K Following): Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Catalin Cimpanu @campuscodi (112K Followers, 1K Following): Parked account. I don't post here anymore. Follow me on Mastodon: @[email protected]
Gi7w0rm @Gi7w0rm (14K Followers, 678 Following): Threat Intelligence and #URINT Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p
Soufiane @S0ufi4n3 (13K Followers, 203 Following): A random infosec/science enthusiast guy... This account is personal and only reflects my opinions, not those of my employer..🖕
hackplayers @hackplayers (54K Followers, 1K Following): Ethical hacking and computer in-security: it's time to play!
Bob @Bob_Wagemans (27 Followers, 99 Following)
Norman @noaasm_ (1K Followers, 6K Following): 🎓 LL.M. alumni @unioslo ⚖️ | 💼 data protection | Tweeting about international law, geopolitics, tech & data protection
UMAIR AQEEL @umairaqeel888 (1 Followers, 19 Following)
Mohd @focusne0 (3 Followers, 13 Following)
siphosethu tati @Siphosethu78659 (0 Followers, 37 Following)
Sharjeel Moqrab @sharjeel_MK (40 Followers, 90 Following): Lifetime Student Computer Science Graduate Technopreneur
DATABREACH NEWS 🚨.. @NewsDatabreach (1 Followers, 15 Following): We will provide the latest information on attacks by hackers in breach/darkweb forums. #Databreach #Databreachnews
Sachin Kumar @0_z0x (5 Followers, 83 Following): I'm a Security Researcher specialized in Vulnerability Assessment and Threat Hunting with strong background in Linux.
Ravid Ariely @ravid_ariely (5 Followers, 72 Following)
David.B @BoundlessMindX7 (25 Followers, 680 Following): Cyber Pathfinder in Training 🛡️ || WGU Cybersecurity Student 💻🏫 || Intel Insights ✨and AI Enthusiast 🧠 || ⚔️Veteran || Casual 🎮🕹️👾
Eldar Abbasov @abbasov (2K Followers, 97 Following)
@tawanan90000 @tawanan90000 (27 Followers, 1K Following)
Ghost_98 @Ghost929947 (4 Followers, 27 Following)
x0r @x0rLab (12 Followers, 73 Following): CyberSecurity & Security Research & Reverse Engineering & Malware Analysis
medaqueno @medaqueno2 (5 Followers, 88 Following)
jogo @_jogo__ (18 Followers, 803 Following): ** New account ** Linux sysadmin / DevOps / 360 IT Cybersecurity warrior Always out of comfort zone
nikomynen @nikomynen (5 Followers, 42 Following)
Naman Devnani @naman_devnani (331 Followers, 5K Following): Security Researcher | Purple Team | Bug Hunter | CTF Player | Science & Tech Enthusiast | R&D | All-Source Intelligence | CAP | DCSP | TTIA | BCDE
Farzam Noori @FarzamNoori1 (11 Followers, 200 Following): Before you act, listen. Before you react, think. Before you criticize, wait. Before you quit, try.
Espionne @Espionne_007 (91 Followers, 346 Following): 👋 Hi, I'm @ESPIONNE I'm a software engineer who is passionate about making open-source more accessible
Mir Razi Ali @MirRaziAli2 (6 Followers, 323 Following)
carbon6 @carbon61 (309 Followers, 788 Following)
Vladislav @Vladisl93919681 (71 Followers, 628 Following)
CJS @CJS019751915918 (12 Followers, 25 Following)
Élodie Martin @ElodieM0407 (0 Followers, 70 Following)
Ace Defective @DooglesEdits (48 Followers, 148 Following): InfoSec Engineer by day | Short Form Content Editor by night | I love frogs | Open for work DM for details
kiko_&& @KikoYousof (23 Followers, 168 Following)
Amr Teleb @Amr_Teleb22 (5 Followers, 211 Following)
Bhubonic @bhu8888 (94 Followers, 183 Following)
Trevor Fulmer @TrevFulm (29 Followers, 124 Following)
ibrahem Youssef @ibrahemYousse18 (4 Followers, 142 Following)
san @san_0zero (20 Followers, 72 Following)
The GodHacker @ahmed_essam00 (197 Followers, 3K Following): Be in time . time is money . time is power ### don't care about anything , ツ smile
Matiasevs @evsfifa (0 Followers, 250 Following)
Romeu @rmavancini (101 Followers, 610 Following)
Sky Walker @SkyWalk2438901 (0 Followers, 48 Following)
r.carnate @reincarnatedz (4 Followers, 243 Following)
Florian Roth @cyb3rops (180K Followers, 2K Following): Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
MalwareHunterTeam @malwrhunterteam (219K Followers, 36 Following): Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
BleepingComputer @BleepinComputer (212K Followers, 175 Following): Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
Binni Shah @binitamshah (132K Followers, 175 Following): Linux Evangelist, Malwares, Security Enthusiast, Philanthropist, Reformist, Jain. binitamshah at protonmail dot com
Germán Fernández @1ZRR4H (29K Followers, 575 Following): 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher at https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
blackorbird @blackorbird (28K Followers, 600 Following): Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit Need Job
Will @BushidoToken (29K Followers, 3K Following): Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil
Michael Koczwara @MichalKoczwara (18K Followers, 2K Following): Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
x0rz @x0rz (98K Followers, 422 Following): Cybersecurity & Threat Intelligence. Knowledge is power, France is bacon 🥓
The DFIR Report @TheDFIRReport (53K Followers, 0 Following): Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
Kostas @Kostastsale (16K Followers, 364 Following): @TheDFIRReport member | Tweeting and following mostly #ThreatIntel, #malware, #IR & #Threat_Hunting. Opinions are mine only! 🇬🇷🇨🇦
JAMESWT @JAMESWT_MHT (35K Followers, 419 Following): #Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW
ESET Research @ESETresearch (32K Followers, 30 Following): Security research and breaking news straight from ESET Research Labs.
DirectoryRanger @DirectoryRanger (31K Followers, 100 Following): This account assembles and disseminates information related to Active Directory and Windows security.
Karsten Hahn @struppigel (22K Followers, 702 Following): Malware Researcher at G DATA. Ransomware hunter. he/him 🦔🌈🏳️⚧️
Dark Web Intelligence @DailyDarkWeb (93K Followers, 0 Following): https://t.co/3gj0T4Udv3 | Your daily dose from the dark side ☠️ For any questions about a post, you can send an email to [email protected]
Andrew Thompson @ImposeCost (34K Followers, 1K Following): Head of Research and Discovery @Mandiant/@GoogleCloud. Understanding and countering adversaries. Posts attributable to me—not my employer.
James @James_inthe_box (21K Followers, 438 Following)
Matthew @embee_research (12K Followers, 1K Following): Malware Researcher & Reverse Engineer | Creating and Sharing Educational Cyber Content
Intel-Ops @Intel_Ops_io (2K Followers, 4 Following): Adversary Infrastructure Hunting & Training Curated Threat Intelligence Feed (Coming Soon) https://t.co/N9OKrTrvV0 https://t.co/3YFZfEbgpI
thaddeus e. grugq the.. @thegrugq (129K Followers, 423 Following): Hacker :: https://t.co/km8BR8E1Ga :: [email protected] :: PGP https://t.co/dYipV8y3bo :: @warstudies :: https://t.co/H3dWknFCfk :: https://t.co/Z2lWqEVVua
HackManac @H4ckManac (28K Followers, 182 Following): We manage the largest repository of successful public known cyber attacks aiding our customers in crafting superior Cyber Security Strategies optimizing budgets
CERT-UA @_CERT_UA (2K Followers, 184 Following): Governmental Computer Emergency Response Team of Ukraine CERT-UA (Computer Emergency Response Team of Ukraine CERT-UA)
UN Watch @UNWatch (160K Followers, 2K Following): Your voice at the United Nations. The only UN-accredited NGO that monitors the world body, defends human rights and fights dictatorships and double standards.
Hillel Neuer @HillelNeuer (240K Followers, 2K Following): International human rights lawyer, writer, Executive Director of United Nations Watch. BA, BCL, LLB, LLM & Doctor of Laws, Honoris Causa. 🇨🇦🇨🇭
Cyber Team @Cyberteam008 (914 Followers, 50 Following): Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Fox_threatintel @banthisguy9349 (7K Followers, 157 Following): Just a person who is against cyber crime.
taha @lordx64 (7K Followers, 5K Following): I blog about exploits & malware here: https://t.co/VMeOE55UPA maintainer of Threat Intel Bot GPT https://t.co/T1cvuWHque
ThreatMon @MonThreat (8K Followers, 1 Following): ThreatMon Cyber Threat Intelligence Platform | for IOC and C2 data: https://t.co/2ADZRdutwN
GroupIB_DFIR @GroupIB_DFIR (329 Followers, 52 Following): @GroupIB's #DFIR team. First-hand insights from battle-tested incident responders
UNIFIL @UNIFIL_ (33K Followers, 260 Following): Official twitter account of the United Nations Interim Force in Lebanon (UNIFIL). https://t.co/9SoatNfVER
UNRWA @UNRWA (238K Followers, 766 Following): @UN Agency for Palestine Refugees. #DonateToUNRWA to support the largest humanitarian organisation on the ground in 📍#Gaza 👉 https://t.co/Qv6ni4ePZ4
Kse Proso @KseProso (1K Followers, 90 Following): #APT groups analyst #ThreatIntel researcher @GroupIB @GroupIB_TI Opinions are my own.
Costin Raiu @craiu (38K Followers, 7K Following): Romanian antihacker from another planet. #threatintel #yara #chess #taekwondo
Is Now on VT! @Now_on_VT (1K Followers, 292 Following): Get notified when interesting APT/FIN indicators of compromise appear on https://t.co/Sb3PFMresB. A threat intelligence project by @craiu
zhixiang hao @HaoZhixiang (1K Followers, 297 Following): APT threat, Web security, Osint. Shandong Lanxiang School China. My sample analysis is just for learning research
Hunt.io @Huntio (369 Followers, 156 Following): https://t.co/aojFWxKETZ is a service that provides threat intelligence data about observed network scanning and cyber attacks.
CERT Orange Cyberdefe.. @CERTCyberdef (8K Followers, 419 Following): First Private CERT in Europe. Tweets are about vulnerability and cyber threats. Corporate account: @OrangeCyberDef / @OrangeCyberFR GPG KeyID: 0xBD54B276
Faisal @faisalusuf (2K Followers, 972 Following): Security Analyst | Threat Intel | CTF | Security Researcher | Detection Engineering. RT != Endorsement @faisalusuf (@infosec.exchange) | (.bsk.social)
mRr3b00t @UK_Daniel_Card (93K Followers, 7K Following): Revealer of Truth Quis custodiet ipsos custodes fella in cyberspace #nafo undercover #FVEY Lovely Horse #fella #meme #farm #appreciator #cyber #specialist
Ovi @0x0v1 (276 Followers, 848 Following): hacker, researcher, writer & activist. disrupting APT, gov, surveillance, privacy violations & corporate injustice. In2_tech, hacking, RE, exploits, AV, multimedia
NaN_FMC @fmc_nan (567 Followers, 258 Following): Advanced Persistent Threat Hunter Tweets are personal views
Bart @bartblaze (14K Followers, 665 Following): Threat Intel and more. Opinions are my own, unless retweeted. Open DMs.
Tom Hegel @TomHegel (6K Followers, 692 Following): Information Security Research, Threat Intelligence, Adversary Analysis. Principal Threat Researcher with SentinelLabs / @SentinelOne
Aleksandar Milenkoski @milenkowski (2K Followers, 472 Following): Sr. Threat Researcher @LabsSentinel | https://t.co/lNC3T5OShC | PhD | Personal profile | 🇩🇪
Paul Rascagnères @r00tbsd (17K Followers, 2K Following): Threat Researcher at @Volexity | Mastodon account: 🐘 @[email protected] |
CERT-EU @CERTEU (15K Followers, 450 Following): Official account of the CERT for the EU institutions, bodies and agencies. Please use [email protected] for interaction.
Gi7w0rm @Gi7w0rm (14K Followers, 678 Following): Threat Intelligence and #URINT Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p
t3ft3lb @t3ft3lb (2K Followers, 182 Following): Threat researcher, Malware analyst All tweets represent my personal opinion
لب دوختگان |.. @LabDookhtegan2 (3K Followers, 101 Following): Exposing the hated face of the Islamic Republic of Iran on Lab Dookhtegan's official channels: https://t.co/xhKHbrewey… https://t.co/wvW79mSI8d https://t.co/UUBQ91sZ4n…
Saudi Incident Respon.. @SaudiDFIR (9K Followers, 185 Following): Saudi cybersecurity research group. We do not represent any official gov entity!
C2IntelFeedsBot @drb_ra (4K Followers, 0 Following): Mostly here for posting C2s. Thank you to @censysio for the raw data. Censys Search 2.0 extended our results massively.
Joshua Penny @josh_penny (2K Followers, 887 Following): Senior Threat Intelligence Analyst @Bridewellsec
ThreatBook @ThreatBookLabs (3K Followers, 23 Following): Expert on cyber threats detection and response. Fast detect and respond to threats with high-fidelity, efficient, actionable security intelligence.
Ax Sharma @Ax_Sharma (5K Followers, 1K Following): Infosec Researcher, Journalist | 📰 Bylines + seen on 📸 BBC, BleepingComputer, Channel5, WaPo, TechCrunch, WIRED | 💳 Member @The_BAJ @CAJ | ✉️ Tips? [email protected]
whoever at the @GCHQ cyberchef team added this thank you! Fang URL
Palo Alto GlobalProtect CVE-2024-3400 detailed analysis now public & we started to see attack attempts as of ~14 UTC today (connectivity callback tests). See: security.paloaltonetworks.com/CVE-2024-3400 for patch info/mitigation We plan to start reporting out potentially vulnerable instances soon
Am feeling very fortunate to be a part of the Alpha class for this. The authors are all top of their game and the huge amount of effort they've put into the content certainly shows. Looking forward to day 2!
#UPSTYLE backdoor targeting GlobalProtect VPN devices via CVE-2024-3400 in 3 images/stages 🔥 #0day [+] bazaar.abuse.ch/sample/3de2a43… All technical details in the blogs of: + Volexity (#UTA0218): volexity.com/blog/2024/04/1… + Unit 42 (Operation #MidnightEclipse):…
📌 Palo Alto GlobalProtect VPN 🌐📡 ▪ Shodan (41,662): http.html_hash:-1303565546 ▪ Censys (41,163): services.http.response.body_hash="sha1:28f1cf539f855fff3400f6199f8912908f51e1e1" CVE-2024-3400 (RCE exploited in the wild) ↓
Our team at @Volexity has identified a new 0day exploited in the wild. This time we caught a threat actor using an unauthenticated RCE in Palo Alto Networks GlobalProtect. It has been assigned CVE-2024-3400 and is covered in this @PaloAltoNtwks advisory security.paloaltonetworks.com/CVE-2024-3400
Deanon is claiming to have the original version of Pegasus that works on all versions of Android and iOS. The pricing for the lifetime access is $ 1,500,000 👀 A few days later, Deanon offered the subscription model for Pegasus Panel. Around April 10, Apple started sending email…
Tired of those package tracking #smishing messages? In this blog post, we explore some techniques for tracking those #phishing domains using unique fingerprinting techniques developed by Validin. Also, we drop 709 phishing domains and IPs. Enjoy! validin.com/blog/unwrappin…
Analysis of 146 malicious Telegram #C2 Channels: - 68 are still up - Biggest channel contains 280,592 messages - All C2s are private channels between the actor and the bot A list of bot names, actor usernames & first names plus additional info has been compiled. Top 20 C2s:
I just had a nice conversation with the Threat Actor😅 Anyway, guys please don't fall into such lame social engineering traps. Threat Actor TTPs 👇 Social Engineering via X Impersonation of Calendly calendsly[.]cc virustotal.com/gui/ip-address… Arranging meetings or granting access…
Tracking MatanBuchus Dropper Sites Through Hardcoded Certificate Values A short guide to leveraging subdomains, certificates, time filters and cert providers to hone in on malware hosting sites. embeeresearch.io/tls-certificat… #malware #threatintel
#MustangPanda #PlugX submitted from Mongolia: f1f6024579e7c3475f5182aa177f791d1bdffc2e8ceb1e71758d02c2bdf3715a file. zip 6b35d16ab649078c24b669aafaafdcafc5a527b9a7a9e5ac1ad90d751e377a41 xlbrowser.dll 45.76.132.25 ref: lab52.io/blog/mustang-p…
New Blog! Strengthening Proactive CTI Through Collaboration 🤝 🔗 blog.bushidotoken.net/2024/04/streng… #CTI #ThreatIntel #FusionCenter #CouncilOExperts #ProactiveCTI
Uncovering APT Infrastructure with Passive DNS Pivoting This time we're taking a @MsftSecIntel APT report and identifying an additional 122 similar domains using @ValidinLLC embee-research.ghost.io/uncovering-apt… #malware #threatintel
#phishingAlert🚨New active #phishing infra targeting multiple banks like @CommBank, @HSBC_UK, @srbank, @BankofAmerica. Check 193.106.191[.]135. cc @illegalFawn @phishunt_io @PhishFeed @PhishFindR @Bank_Security #ThreatHunting #webthreats #CyberSecurity #opendir
The xz backdoor was the final part of a campaign that spanned two years of operations. These operations were predominantly HUMINT style agent operations. There was an approach that lasted months before the Jia Tan persona was well positioned to be given a trusted role.
I use this setup and it has been a great way to organize notes on #CTI and threat knowledge. For folks looking for a really great example, check out github.com/Twigonometry/C… from @mac__goodwin and is spectacularly documented. Thanks @Bank_Security
Mastering Cyber Threat Intelligence with Obsidian | by Bank Security | Mar, 2024 | Medium bank-security.medium.com/mastering-cybe…
@silascutler @mac__goodwin @Bank_Security My setup for CTI has templates for groups, people, countries, malware, roles etc. It’s a bit over the top but really comes in handy as everything is consistent. Then all infra tracking is done through canvas. Can’t show for reasons, but canvas is my fav feature ❤️