العربية
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#iocs نتائج البحث

blackorbird's profile picture. Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit #CTI Need Job
blackorbird
@blackorbird
١٨ يونيوم

#GlassCage zero-click attack IOS Once triggered, the chain escalates to full root access via a combination of WebKit RCE (CVE-2025-24201) and Core Media kernel exploitation (CVE-2025-24085).#IOCs weareapartyof1.substack.com/p/glass-cage-z…

blackorbird's tweet image. #GlassCage zero-click attack IOS Once triggered, the chain escalates to full root access via a combination of WebKit RCE (CVE-2025-24201) and Core Media kernel exploitation (CVE-2025-24085).#IOCs weareapartyof1.substack.com/p/glass-cage-z…
blackorbird's tweet image. #GlassCage zero-click attack IOS Once triggered, the chain escalates to full root access via a combination of WebKit RCE (CVE-2025-24201) and Core Media kernel exploitation (CVE-2025-24085).#IOCs weareapartyof1.substack.com/p/glass-cage-z…
2
22
50
20
12ألف
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
٩ ديسمبرم

#botnet #iocs! 430 duplicates which means they have been online for a while. and 49 new malware urls! Malware urls/IOC's can be found here: pastebin.com/0QTEJvkX urlhaus.abuse.ch/browse/

banthisguy9349's tweet image. #botnet #iocs! 430 duplicates which means they have been online for a while. and 49 new malware urls! Malware urls/IOC's can be found here: pastebin.com/0QTEJvkX urlhaus.abuse.ch/browse/
1
2
10
7
4ألف
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
٢٥ أغسطسم

🚨 DragonForce is a ruthless #ransomware built to paralyze organizations. It wipes backups, disables recovery, spreads across networks, and encrypts everything with no way back. Victims are left facing multimillion-dollar ransom demands 💰 See analysis & gather #IOCs:…

anyrun_app's tweet image. 🚨 DragonForce is a ruthless #ransomware built to paralyze organizations. It wipes backups, disables recovery, spreads across networks, and encrypts everything with no way back. Victims are left facing multimillion-dollar ransom demands 💰 See analysis & gather #IOCs:…
1
9
20
3
3ألف
abuse_ch's profile picture. Fighting malware and botnets
abuse.ch
@abuse_ch
٣٠ سبتمبرم

Over the last 30 days, the community shared 26,575 #IOCs on ThreatFox 🦊. That's a 83% jump on the previous month. 🚀 And topping the charts: XtremeRAT, with 6,640 IOCs 💀 Find more ThreatFox statistics here: 👉 threatfox.abuse.ch/statistics #SharingIsCaring #XtremeRAT #Malware

abuse_ch's tweet image. Over the last 30 days, the community shared 26,575 #IOCs on ThreatFox 🦊. That's a 83% jump on the previous month. 🚀 And topping the charts: XtremeRAT, with 6,640 IOCs 💀 Find more ThreatFox statistics here: 👉 threatfox.abuse.ch/statistics #SharingIsCaring #XtremeRAT #Malware…
0
5
17
1
2ألف
BlueEye46572843's profile picture. Reverse engineer & malware researcher @FitsecLtd . Interested in #APT research and targeted #malware
BlueEye
 @BlueEye46572843
٩ سبتمبر ٢٠٢٤ م

In the new #Latrodecuts version, the authors switched to AES-256 for string encryption and decryption. I provide this #IDAPython script, which you can use to extract and decrypt the strings, quickly get up to speed, and get #IOCs. github.com/Blu3Eye/Malwar…

BlueEye46572843's tweet image. In the new #Latrodecuts version, the authors switched to AES-256 for string encryption and decryption. I provide this #IDAPython script, which you can use to extract and decrypt the strings, quickly get up to speed, and get #IOCs. github.com/Blu3Eye/Malwar…
3
7
11
1
931
SpiderLabs's profile picture. The elite security team at @Trustwave. Response & Investigations. Analysis & Testing. Research & Development. Follow for info on the latest #infosec threats.
SpiderLabs
@SpiderLabs
١٧ فبرايرم

🚨 Phishing Alert: We’ve spotted fake timesheet report emails leading to the Tycoon 2FA phishing kit—now abusing Pinterest visual bookmarks as intermediaries. Stay vigilant! 🔍   #IoCs: pin[.]it/7FwOYIHSO 8a[.]nextwavxe[.]ru/zz4bnhS7UpYZhbV4xqA/ #CyberSecurity #Phishing

SpiderLabs's tweet image. 🚨 Phishing Alert: We’ve spotted fake timesheet report emails leading to the Tycoon 2FA phishing kit—now abusing Pinterest visual bookmarks as intermediaries. Stay vigilant! 🔍   #IoCs: pin[.]it/7FwOYIHSO 8a[.]nextwavxe[.]ru/zz4bnhS7UpYZhbV4xqA/ #CyberSecurity #Phishing…
1
21
85
39
7ألف
soursec_'s profile picture. Security Researcher @cloudsek, All views personal
Sourajeet
 @soursec_
١١ يوليوم

Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H

soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
1
7
43
11
3ألف
TLP_R3D's profile picture. Author - The Intent Model (Kindle Books) | Malware Geek | Curated Intel Member | Threat Intelligence Expert Extraordinaire
Chris Duggan
@TLP_R3D
٣ سبتمبر ٢٠٢٤ م

🚨 Hunt Alert 🚨 Pivoted from the #SlowTempest #IOCs and uncovered a peculiar HTML page—only ~140 results globally, mainly in Hong Kong/China 🇭🇰🇨🇳. Most common port: 8888, potentially a admin/login panel. Thanks @MichalKoczwara for your input! Notably, the HTML page pivots…

TLP_R3D's tweet image. 🚨 Hunt Alert 🚨 Pivoted from the #SlowTempest #IOCs and uncovered a peculiar HTML page—only ~140 results globally, mainly in Hong Kong/China 🇭🇰🇨🇳. Most common port: 8888, potentially a admin/login panel. Thanks @MichalKoczwara for your input! Notably, the HTML page pivots…
1
18
85
29
8ألف
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
٤ سبتمبرم

🚨 #DarkVision is a low-cost RAT used for corporate espionage and data theft, recently spread via multi-stage loaders in targeted campaigns against organizations of all sizes. 👾 See detailed analysis & gather #IOCs: any.run/malware-trends…

anyrun_app's tweet image. 🚨 #DarkVision is a low-cost RAT used for corporate espionage and data theft, recently spread via multi-stage loaders in targeted campaigns against organizations of all sizes. 👾 See detailed analysis & gather #IOCs: any.run/malware-trends…
0
11
23
7
3ألف
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
٣٠ سبتمبرم

🚨 Meet Crocodilus! A new Android banking #trojan that's stealthily hijacking devices for full remote control and crypto seed phrase theft. Don't let it compromise your business. Discover TTPs, gather #IOCs, see analysis: any.run/malware-trends…

anyrun_app's tweet image. 🚨 Meet Crocodilus! A new Android banking #trojan that's stealthily hijacking devices for full remote control and crypto seed phrase theft. Don't let it compromise your business. Discover TTPs, gather #IOCs, see analysis: any.run/malware-trends…
2
3
13
3
2ألف
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
٢٤ سبتمبرم

🚨 #DragonForce #ransomware is built to paralyze organizations It wipes backups, disables recovery, spreads across networks, and encrypts everything with no way back. Victims are left facing multimillion-dollar ransom demands See analysis & gather #IOCs: any.run/malware-trends…

anyrun_app's tweet image. 🚨 #DragonForce #ransomware is built to paralyze organizations It wipes backups, disables recovery, spreads across networks, and encrypts everything with no way back. Victims are left facing multimillion-dollar ransom demands See analysis & gather #IOCs: any.run/malware-trends…
0
5
20
7
2ألف
enelpc's profile picture. Hola! soy Germán Sánchez Garcés y les traigo mi blog, el cual trata temas relativos a la seguridad informática e investigaciones propias. Ocasionalmente canto.
Germán Sánchez
 @enelpc
٣ يوليو ٢٠٢٤ م

La próxima versión de #4n4lDetector será la herramienta que más nos ayudará en la recolección de #IOCs de #malware... no tengo dudas. Se han revisado y mejorado todos los módulos que la componen. Gracias a Sandra Badia Gimeno por la realización del nuevo logo de la herramienta.😘

enelpc's tweet image. La próxima versión de #4n4lDetector será la herramienta que más nos ayudará en la recolección de #IOCs de #malware... no tengo dudas. Se han revisado y mejorado todos los módulos que la componen. Gracias a Sandra Badia Gimeno por la realización del nuevo logo de la herramienta.😘
0
12
17
5
1ألف
MrSimonMargolis's profile picture. associate cto @sada
Simon
 @MrSimonMargolis
٧ ديسمبر ٢٠٢٣ م

I had a blast at the @Gartner_inc #iocs event this week! Thanks to the whole @SADA crew and shout out to @milesward for the awesome tag team presentation on what we’re seeing in the #genai space!

MrSimonMargolis's tweet image. I had a blast at the @Gartner_inc #iocs event this week! Thanks to the whole @SADA crew and shout out to @milesward for the awesome tag team presentation on what we’re seeing in the #genai space!
3
1
14
0
1ألف
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
١٨ أغسطسم

🚨 BlackMatter is a stealthy #ransomware that hit 50+ organizations in just 4 months. From agriculture to manufacturing, it has already disrupted several critical supply chains. Ransom demands reach $30M in some cases 💰 ️See analysis & gather #IOCs: any.run/malware-trends…

anyrun_app's tweet image. 🚨 BlackMatter is a stealthy #ransomware that hit 50+ organizations in just 4 months. From agriculture to manufacturing, it has already disrupted several critical supply chains. Ransom demands reach $30M in some cases 💰 ️See analysis & gather #IOCs: any.run/malware-trends…
1
24
58
23
5ألف
soursec_'s profile picture. Security Researcher @cloudsek, All views personal
Sourajeet
 @soursec_
١٢ يوليوم

More of these #ScatteredSpider 🕷️ /146.70.87[.]184 /www-mlcrosoft[.]com /account.www-mlcrosoft[.]com /sso.www-mlcrosoft[.]com /ssoo.www-mlcrosoft[.]com #IoCs | #ThreatHunting #Censys cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H

soursec_'s tweet image. More of these #ScatteredSpider 🕷️ /146.70.87[.]184 /www-mlcrosoft[.]com /account.www-mlcrosoft[.]com /sso.www-mlcrosoft[.]com /ssoo.www-mlcrosoft[.]com #IoCs | #ThreatHunting #Censys cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
MichalKoczwara's profile picture. Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
Michael Koczwara
@MichalKoczwara
٢٥ مايوم

Possible Scattered Spider Evilginx 🕷️🪝 /23[.]227.202.254 /mlcrosofft[.]com /ads[.]mlcrosofft[.]com /sso[.]mlcrosofft[.]com /ssoo[.]mlcrosofft[.]com Authentication systems impersonated 🥷

MichalKoczwara's tweet image. Possible Scattered Spider Evilginx 🕷️🪝 /23[.]227.202.254 /mlcrosofft[.]com /ads[.]mlcrosofft[.]com /sso[.]mlcrosofft[.]com /ssoo[.]mlcrosofft[.]com Authentication systems impersonated 🥷
MichalKoczwara's tweet image. Possible Scattered Spider Evilginx 🕷️🪝 /23[.]227.202.254 /mlcrosofft[.]com /ads[.]mlcrosofft[.]com /sso[.]mlcrosofft[.]com /ssoo[.]mlcrosofft[.]com Authentication systems impersonated 🥷
4
59
295
130
35ألف
2
27
87
51
7ألف
soursec_'s profile picture. Security Researcher @cloudsek, All views personal
Sourajeet
 @soursec_
١٣ يوليوم

Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H

soursec_'s tweet image. Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
soursec_'s tweet image. Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
soursec_'s tweet image. Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
2
12
42
14
2ألف
PRODAFT's profile picture. Proactive Defense Against Future Threats | Pioneering #CyberSec and #ThreatIntelligence in Europe & MENA since ’12. CTI Platform: #USTA Risk Intel: #BLINDSPOT
PRODAFT
@PRODAFT
٢٤ يوليوم

Catch the unknowns. 🕵️‍♂️ Understand the attackers. Be ready. 🛡️ CATALYST delivers fresh IOCs & never-before-seen TTPs, linked to threat clusters. Level up your threat intel! 👉 Try it: catalyst.prodaft.com/welcome #ThreatIntel #Malware #IOCs #TTPs

PRODAFT's tweet image. Catch the unknowns. 🕵️‍♂️ Understand the attackers. Be ready. 🛡️ CATALYST delivers fresh IOCs & never-before-seen TTPs, linked to threat clusters. Level up your threat intel! 👉 Try it: catalyst.prodaft.com/welcome #ThreatIntel #Malware #IOCs #TTPs
4
3
18
6
2ألف
Udoma_Favour007's profile picture. Journalist | Media, Publicity and Public Relations Consultant | Energy, Oil & Gas Enthusiast | Media Coach | Development Advocate |Environmentalist |Arsenal fan
Mkpoikana Udoma
 @Udoma_Favour007
٦ أكتوبرم

Nigeria’s oil and gas industry is undergoing a generational shift, with international oil companies, #IOCs, gradually retreating from onshore operations while indigenous producers and #deepwater projects emerge as the drivers of growth. Read more: 👇🏾 sweetcrudereports.com/nigerias-oil-i…

Udoma_Favour007's tweet card. Nigeria's oil industry in generational shift as IOCs exit, indigenous firms rise
Nigeria's oil industry in generational shift as IOCs exit, indigenous firms rise
المصدر: sweetcrudereports.com
0
0
1
0
35
blackorbird's profile picture. Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit #CTI Need Job
blackorbird
@blackorbird
١٨ يونيوم

#GlassCage zero-click attack IOS Once triggered, the chain escalates to full root access via a combination of WebKit RCE (CVE-2025-24201) and Core Media kernel exploitation (CVE-2025-24085).#IOCs weareapartyof1.substack.com/p/glass-cage-z…

blackorbird's tweet image. #GlassCage zero-click attack IOS Once triggered, the chain escalates to full root access via a combination of WebKit RCE (CVE-2025-24201) and Core Media kernel exploitation (CVE-2025-24085).#IOCs weareapartyof1.substack.com/p/glass-cage-z…
blackorbird's tweet image. #GlassCage zero-click attack IOS Once triggered, the chain escalates to full root access via a combination of WebKit RCE (CVE-2025-24201) and Core Media kernel exploitation (CVE-2025-24085).#IOCs weareapartyof1.substack.com/p/glass-cage-z…
2
22
50
20
12ألف
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
٩ ديسمبرم

#botnet #iocs! 430 duplicates which means they have been online for a while. and 49 new malware urls! Malware urls/IOC's can be found here: pastebin.com/0QTEJvkX urlhaus.abuse.ch/browse/

banthisguy9349's tweet image. #botnet #iocs! 430 duplicates which means they have been online for a while. and 49 new malware urls! Malware urls/IOC's can be found here: pastebin.com/0QTEJvkX urlhaus.abuse.ch/browse/
1
2
10
7
4ألف
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
٤ ديسمبرم

🚨#BianLian #Ransomware #IOCs #ThreatIntel🚨 🧅:hxxp://bianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd.onion/ ⚠️#Backdoor ☣️ad5fbd52096e8bdc76d4052a5d8975a2 📡64.52.80.120 📡13.107.4.50 📡152.195.19.97 📡172.64.149.23

ShanHolo's tweet image. 🚨#BianLian #Ransomware #IOCs #ThreatIntel🚨 🧅:hxxp://bianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd.onion/ ⚠️#Backdoor ☣️ad5fbd52096e8bdc76d4052a5d8975a2 📡64.52.80.120 📡13.107.4.50 📡152.195.19.97 📡172.64.149.23
2
4
20
6
3ألف
BlueEye46572843's profile picture. Reverse engineer & malware researcher @FitsecLtd . Interested in #APT research and targeted #malware
BlueEye
 @BlueEye46572843
٩ سبتمبر ٢٠٢٤ م

In the new #Latrodecuts version, the authors switched to AES-256 for string encryption and decryption. I provide this #IDAPython script, which you can use to extract and decrypt the strings, quickly get up to speed, and get #IOCs. github.com/Blu3Eye/Malwar…

BlueEye46572843's tweet image. In the new #Latrodecuts version, the authors switched to AES-256 for string encryption and decryption. I provide this #IDAPython script, which you can use to extract and decrypt the strings, quickly get up to speed, and get #IOCs. github.com/Blu3Eye/Malwar…
3
7
11
1
931
TLP_R3D's profile picture. Author - The Intent Model (Kindle Books) | Malware Geek | Curated Intel Member | Threat Intelligence Expert Extraordinaire
Chris Duggan
@TLP_R3D
٣ سبتمبر ٢٠٢٤ م

🚨 Hunt Alert 🚨 Pivoted from the #SlowTempest #IOCs and uncovered a peculiar HTML page—only ~140 results globally, mainly in Hong Kong/China 🇭🇰🇨🇳. Most common port: 8888, potentially a admin/login panel. Thanks @MichalKoczwara for your input! Notably, the HTML page pivots…

TLP_R3D's tweet image. 🚨 Hunt Alert 🚨 Pivoted from the #SlowTempest #IOCs and uncovered a peculiar HTML page—only ~140 results globally, mainly in Hong Kong/China 🇭🇰🇨🇳. Most common port: 8888, potentially a admin/login panel. Thanks @MichalKoczwara for your input! Notably, the HTML page pivots…
1
18
85
29
8ألف
soursec_'s profile picture. Security Researcher @cloudsek, All views personal
Sourajeet
 @soursec_
١١ يوليوم

Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H

soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
soursec_'s tweet image. Possible Scattered Spider Infra Targeting @KennedyWilson 🕷️ /18.117.173[.]7 /kennedywilsoninc[.]com #IoCs #ScatteredSpider | #ThreatHunting #Censys @500mk500 @MichalKoczwara @malwrhunterteam @skocherhan @1ZRR4H
1
7
43
11
3ألف
SpiderLabs's profile picture. The elite security team at @Trustwave. Response & Investigations. Analysis & Testing. Research & Development. Follow for info on the latest #infosec threats.
SpiderLabs
@SpiderLabs
١٧ فبرايرم

🚨 Phishing Alert: We’ve spotted fake timesheet report emails leading to the Tycoon 2FA phishing kit—now abusing Pinterest visual bookmarks as intermediaries. Stay vigilant! 🔍   #IoCs: pin[.]it/7FwOYIHSO 8a[.]nextwavxe[.]ru/zz4bnhS7UpYZhbV4xqA/ #CyberSecurity #Phishing

SpiderLabs's tweet image. 🚨 Phishing Alert: We’ve spotted fake timesheet report emails leading to the Tycoon 2FA phishing kit—now abusing Pinterest visual bookmarks as intermediaries. Stay vigilant! 🔍   #IoCs: pin[.]it/7FwOYIHSO 8a[.]nextwavxe[.]ru/zz4bnhS7UpYZhbV4xqA/ #CyberSecurity #Phishing…
1
21
85
39
7ألف
DmitriyMelikov's profile picture. Threat Researcher @AWNetworks #cti #apt Former Threat Researcher @BlackBerry, @InQuest
Dmitry Melikov
@DmitriyMelikov
٧ فبراير ٢٠٢٤ م

Very interesting sample. Targeting IR. b11a32e53602ea984a8608bead21c301c1bc3f2482b4cc9c69bf6876afbdb266 2 Stage > hxxps://networking.s3.ir-thr-at1[.]arvanstorage[.]ir/Payload.bat #maldoc #IoCs

DmitriyMelikov's tweet image. Very interesting sample. Targeting IR. b11a32e53602ea984a8608bead21c301c1bc3f2482b4cc9c69bf6876afbdb266 2 Stage > hxxps://networking.s3.ir-thr-at1[.]arvanstorage[.]ir/Payload.bat #maldoc #IoCs
DmitriyMelikov's tweet image. Very interesting sample. Targeting IR. b11a32e53602ea984a8608bead21c301c1bc3f2482b4cc9c69bf6876afbdb266 2 Stage > hxxps://networking.s3.ir-thr-at1[.]arvanstorage[.]ir/Payload.bat #maldoc #IoCs
2
5
20
3
2ألف
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
٤ سبتمبرم

🚨 #DarkVision is a low-cost RAT used for corporate espionage and data theft, recently spread via multi-stage loaders in targeted campaigns against organizations of all sizes. 👾 See detailed analysis & gather #IOCs: any.run/malware-trends…

anyrun_app's tweet image. 🚨 #DarkVision is a low-cost RAT used for corporate espionage and data theft, recently spread via multi-stage loaders in targeted campaigns against organizations of all sizes. 👾 See detailed analysis & gather #IOCs: any.run/malware-trends…
0
11
23
7
3ألف
craiu's profile picture. Cybersecurity researcher focused on threat intel & APTs. Breaking down attacks, hunting threats, and crafting YARA rules. 🛡️💻 #ThreatIntel #CTI #Crypto #YARA
Costin Raiu
@craiu
٣١ ينايرم

In case you are a medical institution, it may be worth blocking this in your firewall or if you're using the CMS features, at least search internet traffic logs for the IP 202.114.4[.]119 #iocs

craiu's tweet image. In case you are a medical institution, it may be worth blocking this in your firewall or if you're using the CMS features, at least search internet traffic logs for the IP 202.114.4[.]119 #iocs
craiu's tweet image. In case you are a medical institution, it may be worth blocking this in your firewall or if you're using the CMS features, at least search internet traffic logs for the IP 202.114.4[.]119 #iocs
9
68
275
123
37ألف
CISAgov's profile picture. NOTICE: This account will not be actively managed during the lapse in federal funding. Read more: https://t.co/eHLA3OMW6h
Cybersecurity and Infrastructure Security Agency
 @CISAgov
٥ ديسمبر ٢٠٢٣ م

Our latest advisory has #TTPs, #IOCs, and recommended mitigations to protect against exploitation of CVE-2023-26360, a vulnerability in Adobe ColdFusion that was exploited for initial access to fed gov’t servers. Read advisory: go.dhs.gov/oCD

CISAgov's tweet image. Our latest advisory has #TTPs, #IOCs, and recommended mitigations to protect against exploitation of CVE-2023-26360, a vulnerability in Adobe ColdFusion that was exploited for initial access to fed gov’t servers. Read advisory: go.dhs.gov/oCD
4
32
62
4
8ألف
soursec_'s profile picture. Security Researcher @cloudsek, All views personal
Sourajeet
 @soursec_
١٢ يوليوم

More of these #ScatteredSpider 🕷️ /146.70.87[.]184 /www-mlcrosoft[.]com /account.www-mlcrosoft[.]com /sso.www-mlcrosoft[.]com /ssoo.www-mlcrosoft[.]com #IoCs | #ThreatHunting #Censys cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H

soursec_'s tweet image. More of these #ScatteredSpider 🕷️ /146.70.87[.]184 /www-mlcrosoft[.]com /account.www-mlcrosoft[.]com /sso.www-mlcrosoft[.]com /ssoo.www-mlcrosoft[.]com #IoCs | #ThreatHunting #Censys cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
MichalKoczwara's profile picture. Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
Michael Koczwara
@MichalKoczwara
٢٥ مايوم

Possible Scattered Spider Evilginx 🕷️🪝 /23[.]227.202.254 /mlcrosofft[.]com /ads[.]mlcrosofft[.]com /sso[.]mlcrosofft[.]com /ssoo[.]mlcrosofft[.]com Authentication systems impersonated 🥷

MichalKoczwara's tweet image. Possible Scattered Spider Evilginx 🕷️🪝 /23[.]227.202.254 /mlcrosofft[.]com /ads[.]mlcrosofft[.]com /sso[.]mlcrosofft[.]com /ssoo[.]mlcrosofft[.]com Authentication systems impersonated 🥷
MichalKoczwara's tweet image. Possible Scattered Spider Evilginx 🕷️🪝 /23[.]227.202.254 /mlcrosofft[.]com /ads[.]mlcrosofft[.]com /sso[.]mlcrosofft[.]com /ssoo[.]mlcrosofft[.]com Authentication systems impersonated 🥷
4
59
295
130
35ألف
2
27
87
51
7ألف
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
٢٥ أغسطسم

🚨 DragonForce is a ruthless #ransomware built to paralyze organizations. It wipes backups, disables recovery, spreads across networks, and encrypts everything with no way back. Victims are left facing multimillion-dollar ransom demands 💰 See analysis & gather #IOCs:…

anyrun_app's tweet image. 🚨 DragonForce is a ruthless #ransomware built to paralyze organizations. It wipes backups, disables recovery, spreads across networks, and encrypts everything with no way back. Victims are left facing multimillion-dollar ransom demands 💰 See analysis & gather #IOCs:…
1
9
20
3
3ألف
abuse_ch's profile picture. Fighting malware and botnets
abuse.ch
@abuse_ch
٣٠ سبتمبرم

Over the last 30 days, the community shared 26,575 #IOCs on ThreatFox 🦊. That's a 83% jump on the previous month. 🚀 And topping the charts: XtremeRAT, with 6,640 IOCs 💀 Find more ThreatFox statistics here: 👉 threatfox.abuse.ch/statistics #SharingIsCaring #XtremeRAT #Malware

abuse_ch's tweet image. Over the last 30 days, the community shared 26,575 #IOCs on ThreatFox 🦊. That's a 83% jump on the previous month. 🚀 And topping the charts: XtremeRAT, with 6,640 IOCs 💀 Find more ThreatFox statistics here: 👉 threatfox.abuse.ch/statistics #SharingIsCaring #XtremeRAT #Malware…
0
5
17
1
2ألف
MrSimonMargolis's profile picture. associate cto @sada
Simon
 @MrSimonMargolis
٧ ديسمبر ٢٠٢٣ م

I had a blast at the @Gartner_inc #iocs event this week! Thanks to the whole @SADA crew and shout out to @milesward for the awesome tag team presentation on what we’re seeing in the #genai space!

MrSimonMargolis's tweet image. I had a blast at the @Gartner_inc #iocs event this week! Thanks to the whole @SADA crew and shout out to @milesward for the awesome tag team presentation on what we’re seeing in the #genai space!
3
1
14
0
1ألف
soursec_'s profile picture. Security Researcher @cloudsek, All views personal
Sourajeet
 @soursec_
١٣ يوليوم

Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H

soursec_'s tweet image. Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
soursec_'s tweet image. Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
soursec_'s tweet image. Fresh IoCs for #ClickFix impersonating @bookingcom - 77.105.164[.]95/s/59ed1342-898f-4455-a521-dc4b737b6aea - booking.extranethelpid612[.]com - admin.extra-book3[.]com #IoCs | #Censys #ThreatHunting cc : @500mk500 @malwrhunterteam @MichalKoczwara @skocherhan @1ZRR4H
2
12
42
14
2ألف
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
٢٤ مايو ٢٠٢٣ م

#Pikabot Loader #TTPs Exec Flow & #IOCs ⚡️ [+] Rundll32 [+] Process Hollowing [+] System Owner/User Discovery [+] System Network Configuration Discovery C2 servers: 192.9.135[.]73:1194 185.87.148[.]132:1194 45.85.235[.]39:2078 38.54.33[.]239:2222 129.213.54[.]49:2078

Max_Mal_'s tweet image. #Pikabot Loader #TTPs Exec Flow & #IOCs ⚡️ [+] Rundll32 [+] Process Hollowing [+] System Owner/User Discovery [+] System Network Configuration Discovery C2 servers: 192.9.135[.]73:1194 185.87.148[.]132:1194 45.85.235[.]39:2078 38.54.33[.]239:2222 129.213.54[.]49:2078
2
45
111
11
13ألف
soursec_'s profile picture. Security Researcher @cloudsek, All views personal
Sourajeet
 @soursec_
١٦ يوليوم

ClickFix IoC : generali-fx[.]com generali-fx[.]com/cloudfare #IoCs #ClickFix | #Censys #ThreatHunting cc : @500mk500 @skocherhan @MichalKoczwara @malwrhunterteam @1ZRR4H

soursec_'s tweet image. ClickFix IoC : generali-fx[.]com generali-fx[.]com/cloudfare #IoCs #ClickFix | #Censys #ThreatHunting cc : @500mk500 @skocherhan @MichalKoczwara @malwrhunterteam @1ZRR4H
soursec_'s tweet image. ClickFix IoC : generali-fx[.]com generali-fx[.]com/cloudfare #IoCs #ClickFix | #Censys #ThreatHunting cc : @500mk500 @skocherhan @MichalKoczwara @malwrhunterteam @1ZRR4H
3
1
11
2
646
RedDrip7's profile picture. Technical Twitter of QiAnXin Technology, leading Chinese security vendor. It is operated by RedDrip Team which focuses on malware, APT and threat intelligence.
RedDrip Team
 @RedDrip7
٣ يوليوم

At the recently held CYDES 2025, we disclosed #APT group #NightEagle (APT-Q-95). This threat group has been targeting high-tech industries for a long time, including chip semiconductors, AI/GPT and other fields. Actors used an unknown Exchange exploit chain. PPT: #IOCs #APT

RedDrip7's tweet image. At the recently held CYDES 2025, we disclosed #APT group #NightEagle (APT-Q-95). This threat group has been targeting high-tech industries for a long time, including chip semiconductors, AI/GPT and other fields. Actors used an unknown Exchange exploit chain. PPT: #IOCs #APT
RedDrip7's tweet image. At the recently held CYDES 2025, we disclosed #APT group #NightEagle (APT-Q-95). This threat group has been targeting high-tech industries for a long time, including chip semiconductors, AI/GPT and other fields. Actors used an unknown Exchange exploit chain. PPT: #IOCs #APT
RedDrip7's tweet image. At the recently held CYDES 2025, we disclosed #APT group #NightEagle (APT-Q-95). This threat group has been targeting high-tech industries for a long time, including chip semiconductors, AI/GPT and other fields. Actors used an unknown Exchange exploit chain. PPT: #IOCs #APT
RedDrip7's tweet image. At the recently held CYDES 2025, we disclosed #APT group #NightEagle (APT-Q-95). This threat group has been targeting high-tech industries for a long time, including chip semiconductors, AI/GPT and other fields. Actors used an unknown Exchange exploit chain. PPT: #IOCs #APT
7
24
66
22
28ألف

Something went wrong.


Something went wrong.


United States Trends