-
Tweets3K
-
Followers33K
-
Following267
-
Likes3K
Nice #MooBot botnet caught by @banthisguy9349 😂 Botnet C2 domain: 🔥 putin.zelenskyj .ru Pointing to: 45.88.90.30:43957 (AS203168 Constant MOULIN 🇧🇪) DNS resolution provided by Cloudflare 🔎 Payload URLs: 🌐 urlhaus.abuse.ch/host/45.88.90.… Payload: 📄 bazaar.abuse.ch/sample/21f1caa…
We have just implemented @spamhaus DROP-ASN (Don't Route Or Peer List) on URLhaus Having a look at the top networks distributing malware, it is no big surprise to see that a big chunk of them are listed on DROP-ASN and subsequently should not be routed or peered with 🔎🕵️🛑…
#100DaysofYARA Just Launched my First YARA rule Live Hunt using YARAify by @abuse_ch 🐧 This is a Great Alternative to premium services such as Virus Total for Threat Hunting using your Own YARA Rules + Planning to upload all my YARA rules on YARAify + Might try to automate it
Another Mirai botnet 🔥. C2 at networkbotbet[.]top (NameSilo 🇺🇸 again), hosted at 91.92.240.138 on port 56999 TCP (Limenet 🇳🇱). Mirai payload URLs initially reported by @tolisec: 🌐 urlhaus.abuse.ch/host/91.92.240… Mirai payload: 📄 bazaar.abuse.ch/sample/9f68f67… Mirai botnet C2 (IOCs): 🔎…
Mirai botnet C2 at fucktheccp[.]top (NameSilo 🇺🇸), hosted at 194.110.247.222 (AlexHost 🇲🇩) on port 59666 TCP 🔥 Mirai payload URLs reported by @tolisec: 🌐 urlhaus.abuse.ch/host/194.110.2… Mirai payload: 📄 bazaar.abuse.ch/sample/5c2fcc6… Mirai botnet C2 (IOCs): 🔎 threatfox.abuse.ch/ioc/1240724/ 🔎…
So true...
An exciting year is about to end in which cyber security experts have reported more than 250,000 malware sites to URLhaus 🪲 and shared over 160,000 IOCs on ThreatFox 🦊 We have processed 7,844,382 malware samples 📄, conducted 41,847,925 YARA scans on YARAify 🔍 and generated…
Can confirm that we have seen the recent #Qbot #Quakbot #Qakbot activity. PDFs/URLs has been used since at least November 28, but can't confirm what payload it was earlier than December 11. URL example: urlhaus.abuse.ch/url/2741437/ MSI/DLL: bazaar.abuse.ch/browse/tag/teo…
🎉NOVEMBER MALWARE DIGEST | It's China again at #1 for malware distribution sites. ShadowPad dominates the ThreatFox Top 15s, 9,242,368 file scans on YARAify, and thanks to @Bryancampbell for 2639 reports! Read the report:👉 hubs.ly/Q02c78Q20 #MalwareTrends #CyberSecurity
It was a busy week for YARAify, peaking at almost 600k scans for more than 500k distinct files 📄🔍👀 Most popular newcomer was the YARA rule "mal_socks5systemz" from @Casperinous catching files associated with socks5systemz malware 🔥 Keep on hunting! 👉…
Our researchers observed threat actors sending out a malspam campaign that abuses Google' DoubleClick Ad network as an open redirect to lure people into downloading a malicious .url file that leads to DarkGate 🔥 1st stage (open redirector at DoubleClick): 👉…
Malspam campaign spreading Sliver 📧🔍👀 XLL ➡️ BitsTransfer ➡️ Sliver payload Spammend XLL: 📄 bazaar.abuse.ch/sample/b77773a… Payload URL: 🌐 urlhaus.abuse.ch/url/2726600/ Dropped Sliver payload: ⚙️ bazaar.abuse.ch/sample/a681cf9… Sliver botnet C2 at 167.235.247.158 - Hetzner 🇩🇪 🔥…
Interesting payload dropped from dhlmissed[.]com, delivering a Telegram bot and #QuasarRAT via SCP (!) 😲 Ever seen that before? zip 🗜️ -> lnk🔗 -> scp 🖥️ -> hta 📄 -> exe 🪲 SSH (SCP): [email protected] (185.196.8.30 🇺🇸) LNK (launching CMD.exe to copy HTA from…
Top malware families distributed through malware sites tracked by URLhaus in August 2023 🪲🔍👀 #1 RedLineStealer (3,251 samples)⬇️ #2 Amadey (3, 216 samples)⬇️ #3 IcedID (1,856 samples)⬇️ #4 Mirai (1,580 samples) ⬆️ #5 BumbeBee (1,001 samples) ⬇️ #6 STOP Ransomware (545…
Florian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
MalwareHunterTeam @malwrhunterteam
219K Followers 36 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
Will @BushidoToken
29K Followers 3K Following Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil
ςεяβεяμs - м�.. @c3rb3ru5d3d53c
21K Followers 235 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/SfTI8uJa23
Michael Koczwara @MichalKoczwara
18K Followers 2K Following Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
Ptrace Security GmbH @ptracesecurity
53K Followers 883 Following Empowering IT Security Professionals through Hands-On Online Courses.
Thomas Roccia 🤘 @fr0gger_
25K Followers 2K Following Sr. Threat Researcher @Microsoft, Malware Warlock, Threat Intel, Python🧡- Former @McAfee_labs, Goon @Defcon, Creator of #UnprotectProject - Tweets are my own
Germán Fernández @1ZRR4H
29K Followers 575 Following 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Karsten Hahn @struppigel
22K Followers 702 Following Malware Researcher at G DATA. Ransomware hunter. he/him 🦔🌈🏳️⚧️
Max_Malyutin @Max_Mal_
11K Followers 302 Following Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
James @James_inthe_box
21K Followers 438 Following
JAMESWT @JAMESWT_MHT
35K Followers 419 Following #Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW
Virus Bulletin @virusbtn
59K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
hasherezade @hasherezade
84K Followers 845 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
Katie Nickels @likethecoins
54K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
x0rz @x0rz
98K Followers 422 Following Cybersecurity & Threat Intelligence. Knowledge is power, France is bacon 🥓
Matthew @embee_research
12K Followers 1K Following Malware Researcher & Reverse Engineer | Creating and Sharing Educational Cyber Content
Gi7w0rm @Gi7w0rm
14K Followers 678 Following Threat Intelligence and #URINT Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p
MG @0x0M03II
3 Followers 39 Following
Jordan @FireWyrm
4 Followers 46 Following
Jo @toohol
218 Followers 4K Following
NRD7 @NordyAlamri
9 Followers 387 Following
Aminah | أمينة �.. @AmenahAm
461 Followers 523 Following Discovery Mode - DFIR - Cryptography - Malware Analysis
Exploit 0day @Exploit0day404
1 Followers 35 Following
Black Lotus Labs @BlackLotusLabs
3K Followers 562 Following The official Threat Research and Operations arm of @lumentechco. Providing #ThreatIntelligence to help protect our customers and keep the internet clean.
w00p @__N4ch0_
0 Followers 164 Following
Sebas Nick @Nick127546Nick
31 Followers 441 Following
Ravisankar @blueteamdiaries
0 Followers 14 Following
RAMBO’S little brot.. @23Nosrednac
381 Followers 5K Following I'm not a computer scientist or The Company, I am the RESISTANCE.
Smart Cherrys Tech @smartcherrystc
9K Followers 5K Following Smart Cherrys Tech is Technology World.
Sai Charan Paloju @SmartCherrysTho
27K Followers 17K Following Founder of Smart Cherrys Thoughts, Global Technology Influencer, International Speaker.
Hitesh Dalwani @HiteshDalwani
173 Followers 869 Following
D3t0xdo @ejoaquin24
157 Followers 2K Following
48D6215903DFF56 @48D6215903DFF56
0 Followers 595 Following
Daryl Parado @DrelleIntel
6 Followers 89 Following
Alexs Wijoyo @xvxalexs
106 Followers 723 Following I know nothing. Security Wannabe and NFTs connoisseur.
Smith @anonymous467566
531 Followers 6K Following
Romain @Romain344965
7 Followers 121 Following
Tucker.hack @TuckerHack
20 Followers 105 Following
Espionage @Espionage_0
16 Followers 329 Following
Mr0x4b @mr0x4b
1 Followers 9 Following
Thanks Always @iTimonPumbaa
9 Followers 368 Following
Clémence @CPouchieu
11 Followers 192 Following
M M @0pSeas
2 Followers 18 Following
cristofer_mora010101 @D4sh010101
90 Followers 1K Following
Gus Swens @GGGGGGVIC
39 Followers 423 Following
Piotr Błędowski @BledowskiP
15 Followers 198 Following
PFN @PFNelson
24 Followers 84 Following
pulsarbeans @pulsarbean
1 Followers 12 Following
whatever douchebag @notsureigetthis
70 Followers 925 Following
Dillosec @dillosec
1 Followers 121 Following
Jeremy Sanders @SandersJer62828
49 Followers 122 Following
Fhutt Wonnsp @w264481hh
34 Followers 476 Following
simone.helena87@gmail.. @Helena87Simone
0 Followers 203 Following
BrainStackOverFlow @BrainStackOver1
14 Followers 560 Following
Chocapikk 🇨🇵 @Chocapikk_
1K Followers 736 Following Pentesting Enthusiast, Hunter/Moderator at @leak_ix, Student at @OteriaCS, x18 CVEs - https://t.co/Ezbt3w1g3v Views are my own
Jordy @Jordyvanraalte
37 Followers 314 Following Digital Specialist Cybercrime | Co-founder Optify | MSc
MalwareHunterTeam @malwrhunterteam
219K Followers 36 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
Unit 42 @Unit42_Intel
51K Followers 88 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
Will @BushidoToken
29K Followers 3K Following Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil
Michael Koczwara @MichalKoczwara
18K Followers 2K Following Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
blackorbird @blackorbird
28K Followers 600 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit Need Job
Thomas Roccia 🤘 @fr0gger_
25K Followers 2K Following Sr. Threat Researcher @Microsoft, Malware Warlock, Threat Intel, Python🧡- Former @McAfee_labs, Goon @Defcon, Creator of #UnprotectProject - Tweets are my own
Germán Fernández @1ZRR4H
29K Followers 575 Following 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Karsten Hahn @struppigel
22K Followers 702 Following Malware Researcher at G DATA. Ransomware hunter. he/him 🦔🌈🏳️⚧️
Max_Malyutin @Max_Mal_
11K Followers 302 Following Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
James @James_inthe_box
21K Followers 438 Following
JAMESWT @JAMESWT_MHT
35K Followers 419 Following #Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW
hasherezade @hasherezade
84K Followers 845 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
Matthew @embee_research
12K Followers 1K Following Malware Researcher & Reverse Engineer | Creating and Sharing Educational Cyber Content
Gi7w0rm @Gi7w0rm
14K Followers 678 Following Threat Intelligence and #URINT Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p
Samir @SBousseaden
24K Followers 1K Following Detection Engineering | Elastic Security Mastodon: @[email protected]
Catalin Cimpanu @campuscodi
112K Followers 1K Following Parked account. I don't post here anymore. Follow me on Mastodon: @[email protected]
Kimberly @StopMalvertisin
16K Followers 631 Following Security Researcher | Cyber Threat / Malware Analyst | Ex Sr. Threat Analyst @ Proofpoint | Founder of Stop Malvertising
Josh Stroschein | The.. @jstrosch
8K Followers 1K Following Reverse engineer at FLARE/@Google | @pluralsight author | 700K+ views on YT 😱 Find FREE resources below👇
blinkz @BlinkzSec
131 Followers 93 Following From Call Center Agent to Operation Centre Analyst 24/7 Shift Worker Interest in security + further development in this direction i also like cats :D
Fox_threatintel @banthisguy9349
7K Followers 157 Following Just a person who is against cyber crime.
Ven0m @V3n0mStrike
2K Followers 195 Following Entusiasta de la Ciberseguridad 🌐🔍 // CTF Player ☕️🚩// Guitarrista autodidacta 🎸🎶
moto_sato @58_158_177_102
7K Followers 1K Following 企業のCSIRTの人兼企業のCTOの人。シンクホールは趣味。書き込む内容は所属に関係しているものもありますが、意見や見解は個人的なもの。意識低い低い系/User side Cyber Security Researcher & sinkholer
Ian Kenefick @ian_kenefick
2K Followers 2K Following Cybercrime Fighter 🛡Threat Intelligence 🕵🏻♂️ & Malware Analysis 🦠 Fortunate to work @trendmicroRSRCH Happy to help whenever possible.
Joseliyo @Joseliyo_Jstnk
2K Followers 556 Following CTI, Hunting & Detection | Ex @McAfee @BlackBerry | Security Engineer at @Google - @VirusTotal | opinions are my own.
𝑹𝒆𝒅𝒓𝒂 @redrabytes
143 Followers 9 Following 20 y.o. // Cyber Threat Intelligence (#CTI) Threat & C2 hunter, Developer, Offensive Security.
Michael R @nahamike01
1K Followers 3K Following Threat (Adversary Infrastructure) Researcher | Python Development | Long-time Japan resident
Sh3ll. @SecureSh3ll
1K Followers 310 Following Gray Hat 🎭 Posix 💜 Hyperactive and Hypersensitive ✨ Libertarian/Alterglobalist 🕸 Music 🎵 🤡 I am scary according to some. 🤡 👅 *A guy trying stuff* 👅
Dávid Kosť @dk_samper
431 Followers 3K Following Everything SOC | All opinions are mine and not necessarily those of my employer, whoever that might be.
ThreatMon @MonThreat
8K Followers 1 Following ThreatMon Cyber Threat Intelligence Platform | for IOC and C2 data: https://t.co/2ADZRdutwN
x3ph @x3ph1
678 Followers 270 Following Hack and Hack again.. Won Top 3 in the HackTheBox ValentinesDay Tournament. Won Top 100 in the HacktheBox Cyber Apocalypse event.
Brad @malware_traffic
1K Followers 50 Following Sharing info on malware samples and infection traffic. Also on Mastodon: @[email protected]
Ovi @0x0v1
276 Followers 848 Following hacker, researcher, writer & activist. disrupting APT, gov, surveillance, privacy violations & corporate injustice. In2_tech,hacking,RE,exploits,AV,multimedia
RussianPanda 🐼 �.. @RussianPanda9xx
8K Followers 350 Following Senior Threat Intelligence Researcher at @esthreat | Threat Hunter | Malware Addict
SarlackLab @SarlackLab
279 Followers 6 Following THIS ACCOUNT IS A #BOT 🤖 (mostly) Autonomous #malware sandbox && #C2 cartographer Developed by @Abjuri5t and assistants https://t.co/KrV5T8lDY2
Who said what @g0njxa
2K Followers 187 Following qui fa lo que pot no esta obligat a mes | objetivo 2028 | Bad Student, enthusiast, more likely than an expert DMs are open, feel free to reach! 😼☂️🟣🍇👾
Kevin Beaumont @GossiTheDog
151K Followers 943 Following https://t.co/r8moXSpOva. I create cyber weather. Follow me: https://t.co/vdIisQz5hg
JPCERT/CC @jpcert_en
10K Followers 8 Following Official English Twitter account for JPCERT/CC on security alerts, blog posts, publications, etc. For Inquiries, email [email protected].
Global Government Aff.. @GlobalAffairs
453K Followers 65 Following The voice of X's Global Government Affairs team
IlluminatiFish @fish_illuminati
154 Followers 111 Following RE, CTI, IR, Malware Analysis, Phishing Detection Maintainer @phish_report IOK Researcher @ VipyrSec
Bart @bartblaze
14K Followers 665 Following Threat Intel and more. Opinions are my own, unless retweeted. Open DMs.
𝚍𝚛𝚎𝚊𝚖�.. @bofheaded
1K Followers 1K Following I just frequently hop b/w Offensive and Defensive. :) Note: kind of inactive here until TBD/IDK.
Antelox @Antelox
5K Followers 2K Following A Civil Engineer married with Mrs IDA Pro. Sons are WinDbg and OllyDbg. We live in a VM. We eat bread and malware, APT on Sunday
ELF DIGEST @elfdigest
278 Followers 9 Following Non-profit Linux malware analysis service created by @tolisec. The service performs static, behavioural and network analysis to identify IoC.
Chris Duggan @TLP_R3D
4K Followers 2K Following Inventor of Patent Pending Endpoint Threat Intelligence Agent (GB2314601.2)
FuYingLab @fuyinglab
376 Followers 1 Following Official NSFOCUS FuYingLab Twitter account. Security information on APT & botnet.
Joshua Penny @josh_penny
2K Followers 887 Following Senior Threat Intelligence Analyst @Bridewellsec
DomainGuard @GuardYourDomain
329 Followers 370 Following Proactive Phishing and Fraud Prevention. Public threat feed below. If your site is in our feed and you'd like to be removed, let us know!
Spamhaus @spamhaus
9K Followers 104 Following Changing behavior for the good of the internet, by being the trusted authority on IP and domain reputation. Mastodon: @[email protected]
sicehice @sicehice
1K Followers 52 Following Follow us for IP address OSINT, threat data aggregation, bulk IP lookups, free API access and more - https://t.co/FdwKUSr0a0
FINSIN @FINSIN_CL
272 Followers 57 Following Somos la Fundación de Investigación en Seguridad Informática. Queremos que nos acompañen mientras hacemos un poco de ruido ;) https://t.co/aexATbVuyO
NVISO Labs @NVISO_Labs
4K Followers 321 Following NVISO Labs is the research arm of @NVISOSecurity, focused on infosec research. This is where our lab rats share the results! 🐀
Leandro Fróes @leandrofr0es
280 Followers 1K Following Threat Researcher | Reverse Engineer | @MenteBinaria | Opinions are my own.
S-Owl @Sec_S_Owl
3K Followers 257 Following Security Analyst / Malware Researcher / Threat Intel / APT / Malspam / ばらまきメール回収の会(@bomccss)/ 所属に関係のない個人の意見です。pastebin.com/JcgkHDqc 63 IOC's currently still active that are used to control botnets. Fun fact is that 44 are duplicate which means that we have quite some bulletproof hosts :)
@abuse_ch helped me to fix autotagging for #hajime now all hajime's #iocs that we have recently found through @censysio and some other tools are labelled with tag:"hajime" urlhaus.abuse.ch/browse/tag/haj…
09 active Chilean IP addresses serving the #Mirai botnet hxxp://190.217.148.227:4886/i hxxp://216.155.93.238:33194/i hxxp://186.67.115.166:42924/i hxxp://179.51.168.26:10428/i hxxp://190.153.161.82:41582/i hxxp://186.67.227.98:65300/i hxxp://190.217.148.149:32075/i…
yesterday was a real run - over 40 malware reported and most of it was Mirai - but I don't think anyone can get @banthisguy9349 that fast :D @abuse_ch in addition ~1800 infected devices found via @censysio
@smica83 @abuse_ch #Rhadamanthys email example Samples bazaar.abuse.ch/browse/tag/car…
looking good again. thx @ReversingLabs i also apparently reported 8916 unique malware urls to urlhaus @abuse_ch
#lockbit sample seems to be just shared on malware bazaar from @abuse_ch bazaar.abuse.ch/sample/e4bd46e…
after posting this ip for whatever reason the ip went down! But this time its different! we observed a full move to another ip! urlhaus.abuse.ch/host/net-kille… thank you @abuse_ch for facilitating such infrastructure to make this much more convenient in tracing down baddies!
The ip 103.172.79.74:43957 keeps being used as #moobot #c2 Although me with some other Security Researcher are able to retrack the new malware samples. Vietnamese language have been observed in one of the script files urlhaus.abuse.ch/host/103.172.7…
Ahh i guess we found our issue @abuse_ch lmao
We’re aware that some users are encountering an error when logging into X or creating a new account. We’re working on it and will share an update when things are back to normal. Thanks for sticking with us!
#100DaysofYARA Finally managed to upload all my YARA rules to YARAify by @abuse_ch. Had to manually do it 🐧 + 51 (out of 66) Selected Rules were Vetted & Added + TLP:WHITE for YARA matches & the Rule itself Link to my profile: yaraify.abuse.ch/user/50301/ Already some Hits ⬇️
#opendir 182.23.67.109:8088 ▪ manchesterIsRed_b64.exe [+] bazaar.abuse.ch/sample/744b9de… ▪ medellin_a64.exe [+] bazaar.abuse.ch/sample/e537a0e… C2: 103.191.15.10 #CobaltStrike 🧐
jfrog.com/blog/data-scie… IOCs: 136.243.156[.]120:53252 210.117.212[.]93:4242 Detection: github.com/stamparm/maltr… TF: threatfox.abuse.ch/browse/malware…
#APT #Gamaredon non-DNS connections: hXXp://136.244.118.172 hXXp://143.198.136.173 hXXp://146.190.128.252 hXXp://159.223.67.132 hXXp://78.141.224.44 Detection: github.com/stamparm/maltr… cc @Cyber0verload FYI
Just released a #Python script for interacting with the @abuse_ch Malware Bazaar collection and finding samples that meet multiple criteria github.com/montysecurity/… I showcase it here hunting #CobaltStrike samples montysecurity.medium.com/hunting-cobalt…
Trends for United States
You might like
