Kyle Ehmke @kyleehmke
Threat intel researcher focused on infrastructure hunting. Views are my own and not my employer's. Others: @[email protected] @kyleehmke.bsky.social Joined March 2014-
Tweets2K
-
Followers5K
-
Following306
-
Likes2K
Another John Mark Dougan domain administered via the same account as britishchronicle[.]com, gbgeopolitics[.]com, and londonchronicle[.]news: foreignagentintel[.]com
Suspicious domains softupdate[.]org (5.45.93[.]209) and teamsupdate[.]org (5.61.51[.]33) were registered in short proximity through Njalla on 4/3.
Suspicious domain docstorage[.]link was registered through Njalla on 4/2. It and subdomain drv[.]docstorage[.]link resolve to 212.46.38[.]222 and redirect to legitimate Microsoft sites.
Suspicious domain msdn-live[.]com was registered through Njalla on 3/25 and resolves to 89.147.109[.]166. Domain is hosting a remote support portal.
Some recent domains administered via Parscale / Nucleus accounts indicating the company has done work for websites related to a Jair Bolsonaro-led protest and event: dia25euvou[.]com[.]br euapoioisrael[.]com[.]br
Couple of Parscale / Nucleus domains purporting to be local news: buckeyestatenews[.]com bigskyprospector[.]com Site content currently in development.
Recently acquired domain most likely administered by Parscale / Nucleus: carteltracker[.]com
The @sansforensics #CTI Summit videos are up - check out an in-depth discussion of what "indicators" mean within #ThreatIntel youtu.be/8QpsmMAQOUI?si…
Suspicious domain msftauth[.]com was registered through Njalla on 2/15. Co-located with the similarly registered (1/31) domain googlservices[.]com at 195.85.114[.]11.
Suspicious domain salesmicrosoft[.]com was registered through RockHoster on 2/13 and resolves to 104.248.200[.]223.
Suspicious domain aws-data[.]in was registered through Njalla on 2/11 and resolves to 185.216.68[.]154.
Suspicious domain intel-drivers[.]com was registered through Njalla on 2/6 and is resolving to IPs 193.142.30[.]96 and 193.142.30[.]81.
Suspicious domain worldclksyncsvr[.]com was registered through Njalla on 2/2 and resolves to 5.255.118[.]21.
Suspicious domains registered separately through OrangeWebsite on 1/30 that resolve to nondedicated infrastructure, but have subs on dedicated infrastructure: msedge-srv2[.]com db2.msedge-srv2[.]com (91.207.183[.]103) msedge-tenet[.]com zone1.msedge-tenet[.]com (91.207.183[.]222)
Two sets of suspicious domains registered through Njalla about ten min apart on 1/18: msft-events[.]com event-msft[.]com msftncis[.]com ncsimsft[.]net Not definitively related, but timing, theme, and string switching suggest an overlap. Not hosted, but worth keeping an eye on.
Sherrod DeGrippo 🦓 @sherrod_im
31K Followers 7K Following Strawberry Tempest. Weird security voyeur. Vibe merchant. CISO of your heart. Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast.
Katie Nickels @likethecoins
54K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
John Hultquist @JohnHultquist
28K Followers 1K Following Chief Analyst, Mandiant Intelligence @Google. @CYBERWARCON and @SLEUTHCON founder. Johns Hopkins professor. Army vet.
Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Will @BushidoToken
29K Followers 3K Following Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil
blackorbird @blackorbird
28K Followers 600 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit Need Job
Joe Słowik 🌻 @jfslowik
29K Followers 1K Following CTI, OT/ICS, DE&TH, and related infosec content. Oh, and memes. And shitposting. Lots of shitposting.
Michael Koczwara @MichalKoczwara
18K Followers 2K Following Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
Girth Brooks @r0wdy_
17K Followers 1K Following
Kim Zetter @KimZetter
95K Followers 3K Following Journalist - cyber/national security. Author - COUNTDOWN TO ZERO DAY: Stuxnet and the Launch of the World's First Digital Weapon. https://t.co/334DzfSL1f
Steve YARA Synapse Mi.. @stvemillertime
15K Followers 1K Following cyber-physical intel @google writing & sharing on adversary tradecraft, dfir, malware, threat detection, ics/ot intel and all things #yara
Germán Fernández @1ZRR4H
29K Followers 575 Following 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Nick Carr @ItsReallyNick
38K Followers 4K Following Lead, Cyber Crime Intelligence @Microsoft ☠🏛️ Former Incident Response + Threat Research @Mandiant 🦅 Former Chief Technical Analyst @CISAgov 🛡️
Paul Melson @pmelson
15K Followers 1K Following Author/Operator of @ScumBots. Blue Team by day, Blue Team by night. Opinions, typos, and bad grammar do not represent my employer. He/Him
Tyler McLellan @tylabs
3K Followers 599 Following Intrusion aficionado. @Google/@Mandiant Advanced Practices
JD Work @HostileSpectrum
8K Followers 1K Following Former intel, now academic @NDU_CIC, @TheKrulakCenter, @SIWPSColumbia @ColumbiaSIPA, @CyberStatecraft, @ElliottSchoolGW, @PAISWarwick. Apolitical, views=own
I//uS!0nS @c03rci0n
79 Followers 891 Following
Av4x @Av4xor
67 Followers 413 Following i like malware, cti, geopolitics, and khachapuri. | IR Analyst @TheParanoids
Will @William48233471
1K Followers 649 Following USMC vet, A & P mechanic and fitness enthusiast. Spent years traveling Central and South America
Michael Scott @MichaelSco77349
3 Followers 25 Following
Your.Demo.Master @YourDemoMaster
281 Followers 5K Following
Silicon Freak @FreakSilicon
15 Followers 136 Following
bot blocker | бло�.. @antibot4navalny
11K Followers 633 Following Exposing troll farms: 🇷🇺🇺🇦 // Cited by @NYTimes @WashingtonPost @FT @CNN @TheTimes @Wired @TheEconomist @libe @alhurra @haaretzcom @the_Ins_ru @agents_media
cscfufo @cscfufo
27 Followers 2K Following
ibun Hydara @MannehBuba12712
88 Followers 1K Following GOD creates GOD loves GOD helps GOD hears GOD heals GOD saves GOD speaks GOD blesses GOD teaches GOD watches GOD answers GOD defends GOD forgives
Steve Townsend @SteveTownsend0
15K Followers 12K Following Brit in NYC Computer programming lifer. #SlavaUkraini #StandWithIsrael #FreePalestineFromHamas
Billie @BillieGoatin
3K Followers 3K Following Aspiring Purple Teamer 💜 | Former Web #Developer #PHP👩🏻💻 | #InfoSec Enthusiast | #Programmer | #Math | Always Learning 👩🏻🏫 | Mum
G4l@n 🇪🇸 @CGC_PhD
2K Followers 2K Following IT & International Relations Lawyer. Interested in #Security, #Intelligence & #disinformation. Lecturer @uc3m, @Nebrija. Collaborator @monitordisinfo
E Rosalie @Info_Rosalie
19K Followers 825 Following Public health + national security • Johns Hopkins alum • Tracking mysterious weaponized pigeons and FIMI • Most likely building a database somewhere
Jørgen B. @omgjurg
10 Followers 61 Following
hks @_zzzwwwzzz_
8 Followers 460 Following
Andreas Bråthen @andtux
4 Followers 703 Following
Marius Gundersen @Marius314159
1 Followers 10 Following
HaCky @HaCkyWang
10 Followers 176 Following
Ерши @mo1kram
17 Followers 926 Following
Endre @change_sec
15 Followers 60 Following
Beth Hepworth @beth_no1
122 Followers 1K Following Intelligence Director at PGI. Our team specializes in complex environments and advanced OSINT and social media intelligence
Sylvain @xsylvain
248 Followers 538 Following Cybersecurity entrepreneur, @Exabeam, @Imperva. Topics mostly about tech, cyber and design, some geopolitics. Usually rant-free.
gnida project @gnidaproject
20 Followers 38 Following Всероссийский научно-исследовательский институт гнид
Irregular Horizons @i_horizons_
32 Followers 452 Following Thoughts and analysis on online media ecosystems, influence operations, and data-driven open-source research. Here to man the wall. 🛡️ 👁️🗨️ 🔎
xuhan jin @JinXuhan56466
1 Followers 37 Following
Nsk @nsk_offl_
315 Followers 3K Following Director🎬& Lyricist of Kattravai Katrapin & Onedaykadhalan CyberSecurity Analyst,Travel freak, Ardent Suriya ❤ Jo,Maddy🤩,VJS😍 Fan,CR7MSD Fan🤟,Maduraikaran😎
Azhan @ShykhAzhan
0 Followers 26 Following
MoeSec @MoeSecCom
6 Followers 233 Following Website Hack Repair, Malware & Blacklist removal services. Website Firewall Protection Digital Forensics Vulnerability Assessment & Penetration Testing
Natalie Huet @NatalieHuet
731 Followers 979 Following Senior Analyst at @NewsGuardRating. Previously journalist and sub-editor @Euronews and @Reuters & contributing reporter @POLITICOEurope
Tartao @il_tarta
167 Followers 539 Following
Fran ElObjetivo @Franelobjetivo1
568 Followers 2K Following Ing. aeronáutico y actualmente buceando en el mundo jurídico-penal. RTs not endorsements.
RavenDarkholmeMystiqu.. @raven_myst30160
0 Followers 1 Following
Rodrigo Gothardi @RGothardi
8 Followers 82 Following
Mike Katz-Lacabe 😷 @mlacabe
1K Followers 288 Following Director of Research, Oakland Privacy, focused on law enforcement surveillance technologies (ALPR, StingRay, etc). Parent. Spouse. Also on Mastodon.
James Kethon @JKethon
15 Followers 64 Following
seantelligence @niksadecimal
300 Followers 843 Following intel nerd & admitted tech idiot. tier 6 memes only. ridin w/ no tint so mf-ers know it's me. thoughts=mine. crusty vet. human rights ally.
Pi Lover @caratluvr17ot13
30 Followers 644 Following
n hawk @nighthawk1921
17 Followers 139 Following
Sherrod DeGrippo 🦓 @sherrod_im
31K Followers 7K Following Strawberry Tempest. Weird security voyeur. Vibe merchant. CISO of your heart. Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast.
Katie Nickels @likethecoins
54K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
John Hultquist @JohnHultquist
28K Followers 1K Following Chief Analyst, Mandiant Intelligence @Google. @CYBERWARCON and @SLEUTHCON founder. Johns Hopkins professor. Army vet.
blackorbird @blackorbird
28K Followers 600 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit Need Job
Joe Słowik 🌻 @jfslowik
29K Followers 1K Following CTI, OT/ICS, DE&TH, and related infosec content. Oh, and memes. And shitposting. Lots of shitposting.
Michael Koczwara @MichalKoczwara
18K Followers 2K Following Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
Unit 42 @Unit42_Intel
51K Followers 88 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
The DFIR Report @TheDFIRReport
53K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
Girth Brooks @r0wdy_
17K Followers 1K Following
Steve YARA Synapse Mi.. @stvemillertime
15K Followers 1K Following cyber-physical intel @google writing & sharing on adversary tradecraft, dfir, malware, threat detection, ics/ot intel and all things #yara
Nick Carr @ItsReallyNick
38K Followers 4K Following Lead, Cyber Crime Intelligence @Microsoft ☠🏛️ Former Incident Response + Threat Research @Mandiant 🦅 Former Chief Technical Analyst @CISAgov 🛡️
Paul Melson @pmelson
15K Followers 1K Following Author/Operator of @ScumBots. Blue Team by day, Blue Team by night. Opinions, typos, and bad grammar do not represent my employer. He/Him
JD Work @HostileSpectrum
8K Followers 1K Following Former intel, now academic @NDU_CIC, @TheKrulakCenter, @SIWPSColumbia @ColumbiaSIPA, @CyberStatecraft, @ElliottSchoolGW, @PAISWarwick. Apolitical, views=own
Jazi @h2jazi
7K Followers 522 Following Threat Intel researcher! Technical tweets only; not reflective of employer's views. No endorsement of political groups/entities.
Just Another Nerd @NicoleBeckwith
41K Followers 8K Following Manager, Threat Operations @kroger 🍓 Intel, Hunting, Detection Engineering, Insider Risk & Fraud. 💻 Fmr LE & DFIR for OH & Secret Service TF. ✝️ #FSD
Silas Cutler // p1nk @silascutler
13K Followers 2K Following Hacker, sometimes researcher @Only_Scans, @mal_share Resident Hacker @InsideStairwell, Adjunct Senior Cyber Threat Researcher @IST_org,
ςεяβεяμs - м�.. @c3rb3ru5d3d53c
21K Followers 235 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/SfTI8uJa23
bot blocker | бло�.. @antibot4navalny
11K Followers 633 Following Exposing troll farms: 🇷🇺🇺🇦 // Cited by @NYTimes @WashingtonPost @FT @CNN @TheTimes @Wired @TheEconomist @libe @alhurra @haaretzcom @the_Ins_ru @agents_media
Intel-Ops @Intel_Ops_io
2K Followers 4 Following Adversary Infrastructure Hunting & Training Curated Threat Intelligence Feed (Coming Soon) https://t.co/N9OKrTrvV0 https://t.co/3YFZfEbgpI
McKenzie Sadeghi @SadeghiMckenzie
851 Followers 2K Following Editor, AI and Foreign Influence @NewsGuardRating
Silent Push @silentpush
601 Followers 347 Following Enterprise threat intelligence & threat hunting. We Know First.
Paul Myers @PaulMyersBBC
10K Followers 3K Following BBC Verify / BBC Academy trainer and journalist. Opinions are my own. Link/RT is not an endorsement. Find me at paulmyersbbc on Bluesky, Instagram, Facebook etc
Mike Wendling @mwendling
8K Followers 4K Following US National Digital Reporter @BBCNews. Formerly @BBCTrending. DAY OF RECKONING out May 2024: https://t.co/fTVmW1ciEu [email protected] #billsmafia
Mona Damian @monadomain
101 Followers 529 Following professional lurker👀. interpret IOCs @LinkedIn. learnt translating @UniofOxford @SAISHopkins. tweets all mine.
Johan @Syndikalist
257 Followers 566 Following Mostly RT interesting stuff. RT != Endorsement and all that jazz. #WeAreNAFO
Sebastian Walla @SebastianWalla
200 Followers 586 Following Did a Cybersecurity Bachelor and Master in Computer Science with a focus on Security. Senior Security Researcher - Cloud Security. Opinion/Thoughts are my own.
Léa Ronzaud @Lea_Ronzaud
339 Followers 498 Following Senior Investigator @Graphika_NYC OSINT/State-Sponsored IOs/Cybercrime/Hacktivism/Extremism All views are my own 🇬🇧🇪🇪🇩🇪🇺🇦🇲🇫🇷🇺
Jake Knowlton @j2k3k
2K Followers 2K Following @Mandiant | Board member at @VeteranSec | https://t.co/6nviinvBUQ | tweets are my own | Ask me why I hate Andrew Northern
VV @_vventura
1K Followers 567 Following THIS ACCOUNT IS NOT ACTIVE. NEW https://t.co/IbsMvvpwZp My opinions are my own not my employer
Asheer Malhotra @asheermalhotra
352 Followers 1K Following Threat Researcher @TalosSecurity. Metalhead. Shitposter. Not necessarily in that order. Opinions are my own. #CTI #APT @[email protected]
John Bambenek @bambenek
32K Followers 1K Following Artisanal Malware Curator. Big data wrangler. Founder of threat intelligence company, Bambenek Labs.
Robert Giczewski @lazy_daemon
697 Followers 354 Following Interested in CTI/Malware Analysis/RE, DFIR and windows exploitation. I like video games & tech as well 🙂. CTI @ Deutsche Telekom Security. Tweets are my own.
Sean M. McNee @seanmcnee
143 Followers 580 Following Making a safe, secure, and open Internet at @DomainTools.
Thomas Arnold @0xEBFE_
60 Followers 331 Following Principal Security Researcher at MSTIC | Malware Analyst | Former Soace Shuttle Flight Controller
Daniel Gordon @ValidHorizon
695 Followers 288 Following Thought Trailer, Cyber Threat Intel, DFIR, and influence operations. Blocked by a lot of terrible people. He/him ValidHorizon on the other site
Kristina Balaam @chmodxx_
6K Followers 1K Following 💻 Senior Staff Threat Researcher @Lookout. 中文学习. Malware, Threat Intel, International Relations, Human Rights. Opinions my own.
Justin @sixdub
11K Followers 1K Following Microsoft Threat Intelligence | Student @ GMU Antonin Scalia Law School | USAFA '10 & USAF Veteran | Focus: Intelligence, Technology, Leadership
Ben Nimmo @benimmo
30K Followers 1K Following Writer, linguist, diver. Investigating, analysing and exposing influence ops. RT ≠ endorsement.
[email protected].. @killchain
2K Followers 226 Following I'm an analyst. I co-authored the paper that introduced the kill chain to information security. Just my personal views here.
Michael R @nahamike01
1K Followers 3K Following Threat (Adversary Infrastructure) Researcher | Python Development | Long-time Japan resident
Kimberly @StopMalvertisin
16K Followers 631 Following Security Researcher | Cyber Threat / Malware Analyst | Ex Sr. Threat Analyst @ Proofpoint | Founder of Stop Malvertising
Stop Wagner @stopwagnergroup
3K Followers 319 Following Humanitarian workers. Witnesses of #Wagner's crimes and behavior in #Africa. Raising awareness on #PMC exactions in #Ukraine and the #MiddleEast.
Tom Hegel @TomHegel
6K Followers 691 Following Information Security Research, Threat Intelligence, Adversary Analysis. Principal Threat Researcher with SentinelLabs / @SentinelOne
Greg Schloemer @Greg_Schloemer
1K Followers 1K Following Threat Intelligence Analyst @Microsoft (MSTIC). VP/Board of Directors @kc7cyber. Tweets are mine. He/him
Simeon @simandsec
2K Followers 1K Following Threat Intel @Microsoft Threat Intelligence. @HowardU and @Cambridge_Uni alum. Founder @kc7cyber. Sometimes says things that make sense. Views are my own.
Digital_Monet @aRtAGGI
2K Followers 265 Following Binary and Art Recovery Specialist. aka "The White Glove"
Jaime @JaimeD1371
56 Followers 323 Following Interested in intersection between cyber and econ | Alum @1st_Marine_Div and USG | Trained @ucdavis and @JohnsHopkins | Doer |
OrdoPaintus @OrdoPaintus
46 Followers 113 Following A strange mix of cyber, cats, IPSC and wargaming. All opinions/thoughts are my own.
Jack Stubbs @jc_stubbs
10K Followers 2K Following VP of Intelligence, @Graphika_NYC. Previously: Russia, Ukraine, cyber for @Reuters. All views my own - this one ☝️ is the Isle of Harris.
Ian Campbell @neurovagrant
3K Followers 1K Following Security ops engineer, writer, voracious reader. he/him. Opinions here mine only. Autistic/depressed/anxious/hungry. Also at https://t.co/KNCF1YJNSq
BeijingJoe @FDjoes
548 Followers 367 Following
steven monacelli @stevanzetti
80K Followers 5K Following special investigative correspondent @texasobserver • publisher @proteanmag • words in many places • cofounder @apprenticedtx • contact me & support my work 👇🔗
Winnona 💾 @__winn
3K Followers 2K Following Harvard & Georgetown MPP/JD candidate. @CyberStatecraft / @BelferCenter fellow, ex-Google threat research. Dog mom. Opinions=my own 👩🏻💻
Volexity @Volexity
8K Followers 7 Following A security firm providing Incident Response, Proactive Threat Assessments, Trusted Advisory, and Threat Intelligence
InfoSecProf @_John_Doyle
2K Followers 808 Following Cyber threat intelligence | Mandiant | SANS FOR578 instructor | Member of @curatedintelligence | Arcane Trickster | Ex-CIA | Posts represent my personal views
Bex @cyberlabrador
96 Followers 160 Following Clustering Spider intel for @CrowdStrike. Dog aficionado 🐕 Thoughts/opinions are my own.
Also, some personal and professional news: I have spawned. Am very happy about this. I am on leave and will be mostly off the clock until mid-summer. If you can, try to ensure there isn't any news between now and then. Thank you.
@CD_R0M_ That looks like OUTRIDER TIGER to me. Unless you're in a car full of Pakistani diplomats it should be fine.
The @sansforensics #CTI Summit videos are up - check out an in-depth discussion of what "indicators" mean within #ThreatIntel youtu.be/8QpsmMAQOUI?si…
Shutd0wn is the CEO of I-SOON, Wu Haibo, so that makes sense -- good background read here: nattothoughts.substack.com/p/i-soon-anoth…
I made a single JSON file from the iSoon/Anxun leak (that you can grab from here (github.com/soufianetahiri…) The very first analysis shows that the two key figures are lengmo and Shutd0wn:
The whole Texas Nationalist Movement infrastructure is suspicious as hell.
This is obviously a Russian. Only Russia talks about the value of a warm water port. Because the US as a whole has several and this has never been an issue for us.
Nice to be attending the SANS CTI Summit in person again after many years! I'm excited to see old friends and make some new connections. Please say hi if you see me around! (If you're not in DC, sign up to attend virtually for free)
📣 Starting Monday: Attend #CTISummit Free Live Online to enjoy 21 highly technical #CTI talks from @billmarczak @fr0gger_ @Cyb3rWard0g @jfslowik @euphoricfall @jamieantisocial @klrgrz @s0urcesmeth0ds @jaded_muse & more! ➡️ View Agenda & Register Here: sans.org/u/1rB5
Artist depiction of #CTI sharing groups
'Clear Story News' claimed that @ZelenskyyUa ordered the killing of a journalist in #Egypt, after he exposed a 4.5M$ villa purchase by a Zelensky relative. Except, all of that was fake. For @The_NewArab: another node in 'DC Weekly' disinfo network newarab.com/investigations…
Happy Accidents in Domain Registration monitoring, amirite @kyleehmke
Hunting Adversary Infrastructure Training update! 🔥 The training will start from the basics and the main objective will be to help you develop your own hunting methodologies. If you are interested you can sign up here 👇docs.google.com/forms/d/10oy2Z… All details are in the slides.
Hunting Adversary Infrastructure Training Update. I am currently working on the syllabus for my upcoming training program, which will consist of approx 16 modules covering both theory and practical labs. In this training, I will teach you how to hunt down Ransomware Groups,…
Sneak peek🔥 Already 42 pages on Hunting Lazarus Group🇰🇵 with practical examples/step-by-step walkthrough and is not finished yet. In this module, you will learn cool pivoting techniques!
view-invoice-onedrive[.]site was recently registered through NetworkSolutions and resolves to 20.243.23[.]241, along with one subdomain. Both domains use a Let's Encrypt cert with an interesting subject common name of invoicing-onedriv[.]site
@kyleehmke Setting up disinfo infrastructure and letting it cook?
We love when researchers use Censys! Check out this excellent post by @MichalKoczwara doing just that: michaelkoczwara.medium.com/threat-intel-p… Do you want to further your understanding of the Internet? Think you’d benefit from researcher level access? Drop us a note! support.censys.io/hc/en-us/artic…
Interesting #Domain kasperskgor[.]com registered through Njalla[.]io yesterday redirects to 360[.]net @kaspersky
the amount of malicious domain names you can find just by using keywords 📈
Suspicious domains cloud-storage[.]download (213.139.205[.]143) and cloud-servers[.]download (213.139.205[.]113) were registered through Njalla on 11/10 about 15 min apart. Relevant subdomains: onedrive[.]cloud-storage[.]download adobe[.]cloud-servers[.]download
@kyleehmke Geez…nothing good is gonna happen with those domains
Trends for United States
You might like
