Kevin

@GoCyberYourself

Threat intelligence researcher.

Joined: November 2019.

Tweets


  1. Retweeted
    Feb 3

    Possible APT34 domain lebanonbuilder[.]com was registered on 2/2 through THCservers using cd.redel@protonmail[.]com and is hosted on a probable dedicated server at 23.106.160[.]127. In :

  2. Retweeted
    Jan 31

    Want to see how the red team weaponizes threat intel for R&D and TTP development? Check out some research I did with and . Also includes some new executables that can be used for DLL abuse.

  3. Jan 30

    Suspicious domain hr-westat\.com was registered on 1/25 by george.kayak@yandex\.com. One to watch considering the report on .

  4. Retweeted
    Jan 30

    New campaign from . The Iranian-backed group is using an updated toolset tailored to US-based companies to evade detection. Technical analysis by & :

  5. Retweeted
    Jan 27

    NEW: a cyber-espionage campaign that has attacked organisations across Europe and the Middle East for the last two years is believed to be the work of hackers acting in the interests of the Turkish government, sources tell me, and

  6. Retweeted
    Jan 24

    Two suspicious domains registered through NameCheap at essentially the same time on 1/16/20 and hosted on dedicated servers in M247 IP space: - ms6-upload-serv3[.]com (185.236.202[.]248) - state-awe3-apt[.]com (185.236.203[.]247) In :

  7. Retweeted
    Jan 22

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

  8. Retweeted

    Here’s the first (new) 2020 IP from our Russian friends in apartment 28: 184.95.51.172 Using an older known domain but the first server we saw being set up in 2020, around January 13th to be exact.

  9. Retweeted
    Jan 15

    Looks like the x64 variant hit VTI: becb74a8a71a324c78625aa589e77631633d0f15af1473dfe34eca06e7ec6b86

  10. Retweeted
    Jan 15

    Hainan Xiandun Technology Company is APT40. They recruited Hainan based Cambodian linguists three months before APT40 conducted their Cambodia campaign.

  11. Jan 15

    Suspicious domain defenseisrael[.]com was registered through Njalla on 1/14 and is currently hosted at 185.10.68[.]221.

  12. Retweeted
    Jan 14

    So just to be explicit about our research , we initially came across the cubenergy-my-sharepoint[.]com by exploiting some consistencies that we've seen in previous Fancy Bear infrastructure.

  13. Retweeted
    Jan 13

    Check our new post: APT27 ZxShell RootKit module updates

  14. Retweeted
    Jan 13

    We aren't the only people to be suspicious of the Hainan front companies: "How can you find this company on the Internet, can I trust this job advert?" asks one Chinese netizen.

  15. Jan 11

    Suspicious domains verifyacount[.]com and venifyaccount[.]com were recently registered through Njalla and are hosted at 145.239.41[.]166
