ςεяβεяμs - gμαяδιαη οƒ мαℓωαяε нεℓℓ

@c3rb3ru5d3d53c

μηςεηsοяεδ мαℓωαяε яεsεαяςнεя sταηδιηg gμαяδ ατ τнε gατεs οƒ мαℓωαяε нεℓℓ ςεηsοяεδ мαℓωαяε яεsεαяςн ιsη'τ мαℓωαяε яεsεαяςн. ιƒ λομ δοη'τ ℓικε ιτ, ƒμςκ . 😇

66.66.66.66
Joined: August 2015.

Tweets


  1. 9 hours ago

    interesting sample maybe upload from itw:1d53c2a16a049c7340e31a603ccd95dc like

  3. 22 hours ago

    [webapps] Cisco Data Center Network Manager 11.2 - Remote Code Execution

  5. operation uses mshta dl/exec HTA w/ VBScript from C2 mail[.]googleupload[.]info, persistence w/ Xbox.lnk in startup w/ mshta to ac-2501[.]amazonaws1[.]info. Backdoor dropped in %TEMP%/uvanqvw.vbs w/ C2 103.205.179.4. Analysis/IOCs:

  6. A new security flaw (CVE-2020-6007) in Philips Smart Light Bulbs 💡 could let remote attackers gain access to your entire WiFi network (over-the-air without cracking password) & launch further attacks against other devices connected to the same. Details:

  7. 22 hours ago
    Reply to user

    Sample mentioned MD5 e0eb6840da0a24f8f67102417bfdf408 Variant f79ae6e6154e939f6bcb1549a49ec400 9dbb399cbcb16d6a70c8b3094528c638 48c941d7c37f27a2fe515e7f16bdbff5 8bccd61526beb42459a67c0355cea36b

  9. IMG-INVOICE-88766675.exe (bbd89e19c05ce1155c118a5cad937809) -> AutoIT -> w/ stolen data in %AppData% as ZIP then exfil to C2 mail[.]perrymaintenance[.]com w/ log[at]perrymaintenance[.]com. industrial cleaning company w/ compromised email server/account. 🤦‍♀️

  10. Obfuscated JScript (4b7e316815b22642ba212ba9dd5bb810) w/ 3 stages of obfuscation -> ActiveXObject Shell.Application -> cmd -> dl/exec hxxp://news-medias[.]ru/report[.]exe w/ powershell -> %temp%RJF67.exe. Invalid UA: 'Google Chrome' 🤣 Deobfuscated code:

  12. Feb 5

    [remote] HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account

  13. Feb 5

    [webapps] Wago PFC200 - Authenticated Remote Code Execution (Metasploit)

  14. Feb 5

    [webapps] Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation

  15. Feb 5
    Reply to user

    Samples http://45.153.184[.67/window.sct http://185.193.38[.24/windows.sct http://45.153.184.[67/window.jpeg https://185.193.[38.24/cnc/register tasks/request tasks/result

  16. Feb 5

    The Group use name as bait, targets China to launch attack.😡 VT has sample,search it by this ip:45.153.184.67 other name see here:

  18. Obfuscated vbs (71538ce4da90b5748f18860a312eaf26) if argc < 25 exec args w/ ShellExec else if isolate.ini in %WinDir% smokescreen w/ live[.]com 191 times, C2 server fiffaslslslld[.]xyz w/ ExecuteGlobal C2 response. ? 😅 Deobfuscated:

  19. Feb 4

    via at: https://bitly[.]com/31r0api c2: barclaysb[.]wm01[.]to hash 8a53427e1c76b904ef0daacf7c8a6ec1 on cc

  20. Feb 3

    Holy shit. Researcher discovers that TeamViewer stores user passwords encrypted and finds the encryption key and initialization vector in the windows registry
