You might like
Following up on our last analysis of Trickbot's web inject module we are now publishing a deep dive into the module: kryptoslogic.com/blog/2022/01/d…
Telltale now has data on the Log4j 2 (CVE-2021-44228) vulnerability, over the coming days this data will expand as we find new ways to scan for this complex attack surface. CERTs and Orgs with their assets added will see data in real time as we find it. telltale.kryptoslogic.com
We're hiring! Come join our growing threat research team developing new and interesting capabilities to automate analysis of threats and help improve the victim discovery/notification process. jobs.kryptoslogic.com/o/research-eng…
We've just scanned for CVE-2021-41773 and found at least 12,000 vulnerable hosts on the internet, likely more out there. Make sure you patch! The list of vulnerable hosts has been loaded into Telltale (telltale.kryptoslogic.com).
We observed changes to AnchorDNS & an interesting new component - read more about it here: kryptoslogic.com/blog/2021/07/a…
We recently discovered some changes TrickBot made to their webinjects module, read about our finding here: kryptoslogic.com/blog/2021/06/t…
ProxyLogon stats: 250k uniq IPs scanned, 29796 vulnerable, 97827 shells across 15150 unique IPs. This data has been loaded into Telltale (telltale.kryptoslogic.com). Please patch and run Microsoft's MSERT tool to clean up any webshells
Out of the 237496 exchange servers we just scanned, 31454 were vulnerable to ProxyLogon/CVE-2021-26855. This list has been loaded into Telltale (telltale.kryptoslogic.com). Please patch and run Microsoft's MSERT tool to clean up any webshells
Second run of yesterday's Special Report containing data from a later (2021-03-14 23:30:00 UTC) run of @kryptoslogic's potentially vulnerable MS #Exchange server Internet-wide scan just sent out. Increases data from 59142 to 73555 unique IPs, in 6501 to 7254 ASNS, 211 to 212 geos
Another Special Report just sent, using Internet-wide scan data to detect vulnerable MS Exchange servers from @kryptoslogic (hat tip!). Blog provides a comparison of coverage between that and our previous Special Report: shadowserver.org/news/shadowser… Report: shadowserver.org/what-we-do/net…
Special Report just re-run containing updated data on web shells dropped on compromised MS #Exchange servers, again courtesy of @kryptoslogic. 2021-03-15 edition covers 22731 easily found web shells exposed on 20437 unique IP addresses - all requiring urgent remediation
With many un-patched MS #Exchange Servers still being rapidly compromised, we have partnered with @kryptoslogic to provide another Special Report covering 6720 exposed webshells that could be used to deploy ransomware, etc. Please remediate urgently! shadowserver.org/news/shadowser…
We just finished another scan for webshells. This time we looked at double the number of paths and found 22731 shells across 12861 unique source IPs. This list has been loaded into Telltale (telltale.kryptoslogic.com).
Out of the 231084 exchange servers we just scanned, 62018 were vulnerable to ProxyLogon/CVE-2021-26855. Once again this list has been loaded into Telltale (telltale.kryptoslogic.com). Please patch and run Microsoft's MSERT tool to clean up any webshells
With many un-patched MS #Exchange Servers still being rapidly compromised, we have partnered with @kryptoslogic to provide another Special Report covering 6720 exposed webshells that could be used to deploy ransomware, etc. Please remediate urgently! shadowserver.org/news/shadowser…
We've just discovered 6970 exposed webshells which are publicly exposed and were placed by actors exploiting the Exchange vulnerability. These shells are being used to deploy ransomware. If you're signed up to Telltale (telltale.kryptoslogic.com) you can check you're not affected
We came across a new Trickbot module used for network reconnaissance - read more here: kryptoslogic.com/blog/2021/02/t…
As a result of the law enforcement takedown of Emotet we're able to distribute alerts to victims via our platform: telltale.kryptoslogic.com Read more about the takedown here: europol.europa.eu/newsroom/news/…
Faster Poly1305 key multicollisions kryptoslogic.com/blog/2021/01/f…
Huge thanks to @kryptoslogic for our new #GO bindings! 🥳 github.com/kryptoslogic/u…
United States Trends
- 1. $BNKK N/A
- 2. Pond 192K posts
- 3. Good Monday 36.8K posts
- 4. #MondayMotivation 35.8K posts
- 5. Happy 250th 3,782 posts
- 6. Semper Fi 4,784 posts
- 7. Obamacare 215K posts
- 8. Rudy Giuliani 23.3K posts
- 9. #Talus_Labs N/A
- 10. Go Birds 3,148 posts
- 11. #SoloLaUniónNosHaráLibres N/A
- 12. Victory Monday 1,334 posts
- 13. #MondayVibes 2,531 posts
- 14. #LingHerHynessTiktokLive 452K posts
- 15. LINGLING BA HERHYNESS 452K posts
- 16. The BBC 476K posts
- 17. Mark Meadows 21.2K posts
- 18. Edmund Fitzgerald 4,265 posts
- 19. 8 Democrats 13.5K posts
- 20. Devil Dogs 1,427 posts
You might like
-
Steve YARA Synapse Miller
@stvemillertime -
SpecterOps
@SpecterOps -
Arkbird
@Arkbird_SOLG -
Red Canary, a Zscaler company
@redcanary -
Thomas Roccia 🤘
@fr0gger_ -
Patrick Wardle
@patrickwardle -
Christopher Glyer
@cglyer -
GreyNoise
@GreyNoiseIO -
Roberto Rodriguez 🇵🇪
@Cyb3rWard0g -
Tommy M (TheAnalyst)
@ffforward -
kmkz
@kmkz_security -
Panos Gkatziroulis 🦄
@netbiosX -
Paul Melson
@pmelson -
Vess
@VessOnSecurity -
ExecuteMalware
@executemalware
Something went wrong.
Something went wrong.