- Interested in threat hunting and making the internet a safer place? We are looking for a threat intelligence analyst to join our team. Apply here: https://jobs.malwarebytes.com/job/2035502 #infosecjobs #ThreatIntel
- Seeing lots of #malspam distributing #AgentTesla via Word/Excel combo, followed by PowerShell -> fake image
  Subject: eFAX Message from #[0-9]{8}
  Payload URL: 107.189.10[.]150/ui/10357780.jpg
  Payload hash: 7ca62123dabe70a6419aec5cbb2244a5be224789beaf4f4356b6cea9b29df7a7
  pic.twitter.com/hYi5sKyMBq
- Malvertising into #RIGEK dropping #Dridex.
  * IoCs *
  RIG EK: 193.168.3[.]92
  Dridex: 9b0635de1bb4a3ae883c514150fb8f8bf5a24bc1b6b1d627435cd886f7397d46
  pic.twitter.com/4OxFT9FAcp
- Malspam with #Dridex VBS loader fingerprinting the system.
  * IoCs *
  Dridex: 635ded83b8e1be3fea6e8899627164f0f983831ce59bb37ddf4a89f86b86b46d
  pic.twitter.com/RVRNrRikms
- #Malspam pushing #AgentTesla via CVE-2017-11882 (Equation Editor exploit).
  * IoCs *
  f440a587d49886b52586d9dfa8f9a17226b612e10e17cb5b09851ee6abdfdf82
  windowsfirewallsecurityauthorise.duckdns[.]org/lvc/svch.exe
  7984f74486d3ea0408c80b7474d555b4a2fe5cc9982d8468bd3887a8dbef22b7
  pic.twitter.com/Yg6NZMmQi5
- Submissions to @urlscanio show that this browlock was active for over 2 years. This query allows you to go back to December 2017: https://urlscan.io/search/#%22%26list%3D200000%22%20OR%20%22%26list%3D600000%22%20OR%20%22%2Fen%2Freport.php%3F%22 …
- Following our investigation into the most sophisticated browser locker campaign to date, a large part of the infrastructure (including the stegano server) was taken down. No new browlock observed since 01/23. Ref: https://blog.malwarebytes.com/threat-analysis/2020/01/woof-locker-stealthy-browser-locker-tech-support-scam/ … #WOOFlocker #browlock #TechSupportScams pic.twitter.com/SIurLCSlSv
- IOCs from this campaign can be downloaded in STIX2 format here: https://github.com/MBThreatIntel/TSS/blob/master/woof.stix2 …
- Amazingly, this browlock campaign has been around for over 2 years. The use of more advanced traffic deception techniques is one of the reasons why it has been active for that long. pic.twitter.com/KnmYhBoXIs
- This browlock also shows how tech support scam operations involve different threat actors who specialize in their area of expertise. pic.twitter.com/bu3NP6q2p6
- If victims call the toll-free number they will be sold bogus support packages for hundreds of dollars. pic.twitter.com/9uSN3yALNV
- The browlock itself currently locks up the latest version of Firefox (and is barely handled by Chrome). pic.twitter.com/JGmKSKrIwf
- Attempts to replay the browlock chain via a traffic capture are foiled because of server-issued session keys. To be served the browlock, a series of conditions must be fulfilled. pic.twitter.com/0sNnCaT8Ge
- Machines are fingerprinted before being served a fake PNG image (steganography). It hides encrypted data that only a unique key can decrypt on the fly. pic.twitter.com/bIK3ulXrYZ
- The infamous browlock produces unique and time sensitive URLs, resulting in 404s by the time you investigate them. pic.twitter.com/g9JEIVtIjY
- This #browlock has it all: advanced traffic filtering, steganography and anti-replay techniques. https://twitter.com/jeromesegura/status/1220017472046125057 …
- Apple #phish
  * IOCs *
  peanutallergymom[.]com/.well-known/acme-challenge/
  maternidadeluizacoelho[.]com[.]br/Writeable/default/
  pic.twitter.com/xfxA4Ui0bl
- As seen by others, #Emotet is back in business after the holiday break.
  Emotet binary: c79c0b2ce7fa6546ef76ca240ec643c4138071109de3adc3859c778e1a90d351
  C2s: 99.252.27[.]6 152.231.89[.]226 86.123.138[.]76 51.159.23[.]217
  pic.twitter.com/x1Y5FqVWTA