-
if the
#darkhotel had a loyalty program,@_clem1 would be a Diamond Globalist Ambassador Elite member. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367 … -
The
#Darkhotel espionage campaign: A story of unusual hospitality https://kas.pr/TJ9G -
Continued Activity by DarkHotel APT against Japan
https://blogs.jpcert.or.jp/ja/2019/05/darkhotel_lnk.html …
IOCs:
https://otx.alienvault.com/pulse/5cee9ffe72473a4c259773b7 … #APT#DarkHotel pic.twitter.com/XscjhzmqRS
-
#darkhotel They bought 0day cyber weapons again?They have used 4 IE vulnerability weapons. https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/ …pic.twitter.com/4tNoaQ8osM
-
Bitdefender investigation on Inexsmar: the
#DarkHotel group is now targeting political figures.#Whitepaper here:https://labs.bitdefender.com/2017/07/inexsmar-an-unusual-darkhotel-campaign/?utm_source=SMGlobal&utm_medium=Twitter&utm_campaign=labs … -
(3/3) More details about features of PoC, here : https://docs.google.com/file/d/0B_oq7opm7im8ZUFQbThhSGEwT3c …
#Darkhotel -
Staying at
#DarkHotel is like having vacation at the DeathStar instead of planet Naboo. Read full story here: http://securelist.com/blog/research/66779/the-darkhotel-apt/ … -
The
@Threatpost team takes a closer look at#darkhotel https://kas.pr/rsL5 pic.twitter.com/a0IiM0nmbM
-
The
#Darkhotel APT targets top executives in their hotel rooms with zero-day exploits, signed malware, keyloggers http://securelist.com/blog/research/66779/the-darkhotel-apt/ … -
#darkhotel#0day#exploit CVE-2020-0674 Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200001 … -
Top dogs become the victims with CEO-targeted spyware. Stay safe when traveling: http://bit.ly/1tV8ffg
#DarkHotel pic.twitter.com/6Mwd12GuJA
-
(1/3) This PoC allows to detect if someone attempted to get an access to your Mac let in your hotel room
#Darkhotel pic.twitter.com/gGMHglWxhG
-
Threat-Hunting - APT IOCs
#APT10#APT28#APT29#APT32#DarkHotel#Iron-Tiger#Turla#sandworm-team Personal compilation of APT malware from whitepaper releases, documents and own researchhttps://github.com/sapphirex00/Threat-Hunting … -
#DarkHotel APT group's recent activities report(Chinese) https://ti.360.net/blog/articles/analysis-of-darkhotel/ … . -
#Darkhotel APT in a single video: http://www.youtube.com/watch?v=HQpGzivvtqg … -
#APT#DarkHotel Operation#Higaisa Targets China and NorthKorean and use Holiday blessing bait. New Report: https://translate.google.com/translate?hl=&sl=zh-CN&tl=en&u=https%3A%2F%2Fmp.weixin.qq.com%2Fs%2FW87E6_v9YCnsmQWDd7NOHw&sandbox=1 … PDF: https://github.com/blackorbird/APT_REPORT/blob/master/Darkhotel/higaisa/higaisa_apt_report.pdf … related https://malware.prevenity.com/2018/03/happy-new-year-wishes-from-china.html …pic.twitter.com/zBExSrUMKL
-
#Hotel#Wi-Fi Attack – Are You Safe from#DarkHotel Threat? http://www.purevpn.com/blog/darkhotel-are-you-safe-from-this-hotel-wi-fi-attack/ … via@purevpn -
CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability Based on my understand, Jscript Engine (jscript.dll) have vulnerability, it’s not equal JavaScript Engine (jscript9.dll). CVE-2018-8373 and CVE-2018-8174 are VBScript Engine.
#DarkHotel https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367 … -
#Darkhotel Old sample but some code now use it ,someone can read it
rstimgr.dll
f1d47270f5f562329a4e10436a3c92fb
pe drop
c27ed7c96380f136ef08744a197e16fd
autocheck.000page.\com/patch/chkupdate.php
automobile.freei.\me/patch/chkupdate.php
autocargo.100gbfreehost.\com
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.