Tweets: 3K | Followers: 33K | Following: 267 | Likes: 3K
Nice #MooBot botnet caught by @banthisguy9349 😂 Botnet C2 domain: 🔥 putin.zelenskyj .ru Pointing to: 45.88.90.30:43957 (AS203168 Constant MOULIN 🇧🇪) DNS resolution provided by Cloudflare 🔎 Payload URLs: 🌐 urlhaus.abuse.ch/host/45.88.90.… Payload: 📄 bazaar.abuse.ch/sample/21f1caa…
We have just implemented @spamhaus DROP-ASN (Don't Route Or Peer List) on URLhaus Having a look at the top networks distributing malware, it is no big surprise to see that a big chunk of them are listed on DROP-ASN and subsequently should not be routed or peered with 🔎🕵️🛑…
#100DaysofYARA Just Launched my First YARA rule Live Hunt using YARAify by @abuse_ch 🐧 This is a Great Alternative to premium services such as Virus Total for Threat Hunting using your Own YARA Rules + Planning to upload all my YARA rules on YARAify + Might try to automate it
Another Mirai botnet 🔥. C2 at networkbotbet[.]top (NameSilo 🇺🇸 again), hosted at 91.92.240.138 on port 56999 TCP (Limenet 🇳🇱). Mirai payload URLs initially reported by @tolisec: 🌐 urlhaus.abuse.ch/host/91.92.240… Mirai payload: 📄 bazaar.abuse.ch/sample/9f68f67… Mirai botnet C2 (IOCs): 🔎…
Mirai botnet C2 at fucktheccp[.]top (NameSilo 🇺🇸), hosted at 194.110.247.222 (AlexHost 🇲🇩) on port 59666 TCP 🔥 Mirai payload URLs reported by @tolisec: 🌐 urlhaus.abuse.ch/host/194.110.2… Mirai payload: 📄 bazaar.abuse.ch/sample/5c2fcc6… Mirai botnet C2 (IOCs): 🔎 threatfox.abuse.ch/ioc/1240724/ 🔎…
So true...
An exciting year is about to end in which cyber security experts have reported more than 250,000 malware sites to URLhaus 🪲 and shared over 160,000 IOCs on ThreatFox 🦊 We have processed 7,844,382 malware samples 📄, conducted 41,847,925 YARA scans on YARAify 🔍 and generated…
Can confirm that we have seen the recent #Qbot #Quakbot #Qakbot activity. PDFs/URLs have been used since at least November 28, but can't confirm what payload it was earlier than December 11. URL example: urlhaus.abuse.ch/url/2741437/ MSI/DLL: bazaar.abuse.ch/browse/tag/teo…
🎉NOVEMBER MALWARE DIGEST | It's China again at #1 for malware distribution sites. ShadowPad dominates the ThreatFox Top 15s, 9,242,368 file scans on YARAify, and thanks to @Bryancampbell for 2639 reports! Read the report:👉 hubs.ly/Q02c78Q20 #MalwareTrends #CyberSecurity
It was a busy week for YARAify, peaking at almost 600k scans for more than 500k distinct files 📄🔍👀 Most popular newcomer was the YARA rule "mal_socks5systemz" from @Casperinous catching files associated with socks5systemz malware 🔥 Keep on hunting! 👉…
Our researchers observed threat actors sending out a malspam campaign that abuses Google's DoubleClick Ad network as an open redirect to lure people into downloading a malicious .url file that leads to DarkGate 🔥 1st stage (open redirector at DoubleClick): 👉…
Malspam campaign spreading Sliver 📧🔍👀 XLL ➡️ BitsTransfer ➡️ Sliver payload Spammed XLL: 📄 bazaar.abuse.ch/sample/b77773a… Payload URL: 🌐 urlhaus.abuse.ch/url/2726600/ Dropped Sliver payload: ⚙️ bazaar.abuse.ch/sample/a681cf9… Sliver botnet C2 at 167.235.247.158 - Hetzner 🇩🇪 🔥…
Interesting payload dropped from dhlmissed[.]com, delivering a Telegram bot and #QuasarRAT via SCP (!) 😲 Ever seen that before? zip 🗜️ -> lnk🔗 -> scp 🖥️ -> hta 📄 -> exe 🪲 SSH (SCP): [email protected] (185.196.8.30 🇺🇸) LNK (launching CMD.exe to copy HTA from…
Top malware families distributed through malware sites tracked by URLhaus in August 2023 🪲🔍👀 #1 RedLineStealer (3,251 samples)⬇️ #2 Amadey (3,216 samples)⬇️ #3 IcedID (1,856 samples)⬇️ #4 Mirai (1,580 samples) ⬆️ #5 BumbleBee (1,001 samples) ⬇️ #6 STOP Ransomware (545…
pastebin.com/JcgkHDqc 63 IOC's currently still active that are used to control botnets. Fun fact is that 44 are duplicate which means that we have quite some bulletproof hosts :)
@abuse_ch helped me to fix autotagging for #hajime now all hajime's #iocs that we have recently found through @censysio and some other tools are labelled with tag:"hajime" urlhaus.abuse.ch/browse/tag/haj…
09 active Chilean IP addresses serving the #Mirai botnet hxxp://190.217.148.227:4886/i hxxp://216.155.93.238:33194/i hxxp://186.67.115.166:42924/i hxxp://179.51.168.26:10428/i hxxp://190.153.161.82:41582/i hxxp://186.67.227.98:65300/i hxxp://190.217.148.149:32075/i…
yesterday was a real run - over 40 malware reported and most of it was Mirai - but I don't think anyone can get @banthisguy9349 that fast :D @abuse_ch in addition ~1800 infected devices found via @censysio
@smica83 @abuse_ch #Rhadamanthys email example Samples bazaar.abuse.ch/browse/tag/car…
looking good again. thx @ReversingLabs i also apparently reported 8916 unique malware urls to urlhaus @abuse_ch
#lockbit sample seems to be just shared on malware bazaar from @abuse_ch bazaar.abuse.ch/sample/e4bd46e…
after posting this ip for whatever reason the ip went down! But this time it's different! we observed a full move to another ip! urlhaus.abuse.ch/host/net-kille… thank you @abuse_ch for facilitating such infrastructure to make this much more convenient in tracing down baddies!
The ip 103.172.79.74:43957 keeps being used as #moobot #c2 Although me with some other Security Researchers are able to retrack the new malware samples. Vietnamese language has been observed in one of the script files urlhaus.abuse.ch/host/103.172.7…
Ahh i guess we found our issue @abuse_ch lmao
We’re aware that some users are encountering an error when logging into X or creating a new account. We’re working on it and will share an update when things are back to normal. Thanks for sticking with us!
#100DaysofYARA Finally managed to upload all my YARA rules to YARAify by @abuse_ch. Had to manually do it 🐧 + 51 (out of 66) Selected Rules were Vetted & Added + TLP:WHITE for YARA matches & the Rule itself Link to my profile: yaraify.abuse.ch/user/50301/ Already some Hits ⬇️
#opendir 182.23.67.109:8088 ▪ manchesterIsRed_b64.exe [+] bazaar.abuse.ch/sample/744b9de… ▪ medellin_a64.exe [+] bazaar.abuse.ch/sample/e537a0e… C2: 103.191.15.10 #CobaltStrike 🧐
jfrog.com/blog/data-scie… IOCs: 136.243.156[.]120:53252 210.117.212[.]93:4242 Detection: github.com/stamparm/maltr… TF: threatfox.abuse.ch/browse/malware…
#APT #Gamaredon non-DNS connections: hXXp://136.244.118.172 hXXp://143.198.136.173 hXXp://146.190.128.252 hXXp://159.223.67.132 hXXp://78.141.224.44 Detection: github.com/stamparm/maltr… cc @Cyber0verload FYI
Just released a #Python script for interacting with the @abuse_ch Malware Bazaar collection and finding samples that meet multiple criteria github.com/montysecurity/… I showcase it here hunting #CobaltStrike samples montysecurity.medium.com/hunting-cobalt…