Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @kyleehmke
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @kyleehmke
-
Suspicious domain casewithwillingprocess[.]com was registered through Njalla on 1/29 and is hosted on a probable dedicated server at 80.255.3[.]90.pic.twitter.com/ydyLnWyEzi
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Possible APT34 domain lebanonbuilder[.]com was registered on 2/2 through THCservers using cd.redel@protonmail[.]com and is hosted on a probable dedicated server at 23.106.160[.]127. In
@ThreatConnect: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=2989360197 …pic.twitter.com/vokwbytFai
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Kyle Ehmke proslijedio/la je Tweet
@kyleehmke The following recently registered domains also have similar registration & hosting patterns with apt34 infrastructure. Of course, this is just for awareness and does not imply attribution: - wastedsituation[.]com - godoycrus[.]comhttps://twitter.com/kyleehmke/status/1151944337598668801 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
As of late January, domain renodesmart[.]com is now hosted at 88.80.148[.]26. Was previously hosted at 81.17.20[.]6. https://twitter.com/kyleehmke/status/1113085089909440513 …pic.twitter.com/AD0wPosOk2
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Kyle Ehmke proslijedio/la je Tweet
Suspicious domain hr-westat\.com was registered on 1/25 by george.kayak@yandex\.com. One to watch considering the
@IntezerLabs report on#apt34.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
A couple other recent, possible APT34 domains, based on findings in the below
@IntezerLabs report: - westat-hr[.]com (ili.olanas@protonmail[.]com, 142.234.157[.]131) - hr-westat[.]com (george.kayak@yandex[.]com) In@ThreatConnect: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=2980436792 … https://twitter.com/IntezerLabs/status/1222943551467794432 …pic.twitter.com/7OgiqhccWY
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Windows-spoofing domain windowsupdateassistant[.]com was registered on 12/20 through Njalla and, as of 1/30, is hosted on a probable dedicated server at 185.193.127[.]81.pic.twitter.com/GBGWsI7mL6
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Another possibly related domain, tide30mcsoft[.]com, was registered on 1/28 through THCservers using superanimal_1802@inbox[.]lv. Domain is hosted on a probable dedicated server at 193.29.187[.]82.pic.twitter.com/JTqlgS9Nij
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Suspicious domain logisticamazon[.]org was registered through ITitch on 1/28 using melangeur1923@inbox[.]lv and is hosted on a probable dedicated server at 185.82.126[.]180.pic.twitter.com/Gzc0SJEAPs
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Suspicious domain digitalscube[.]com was registered through Aminserve on 1/29 using rosariodeluca@mail[.]ee and is hosted on a probable dedicated server at M247 IP 185.244.213[.]7.pic.twitter.com/9Mln936Cev
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Another similar domain, wwwco4testmcsoft[.]com, was registered on 1/28 through Njalla. Domain is also hosted at 185.82.126[.]210.pic.twitter.com/wBY4YCz0HA
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Suspicious domains wwwco2testmcsoft[.]org and ubuntuget[.]com (80.255.3[.]98) registered through Aminserve using stancaliv@outlook[.]com. A similar domain, wwco4testmcsoft[.]com (185.82.126[.]210), was created on 1/27 through Njalla. In
@ThreatConnect: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=2968678007 …pic.twitter.com/DDosFaj7G1
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Another domain, onedrive-live[.]tel (registered on 1/24 through Njalla), is now hosted at 198.211.122[.]103 along with the same subdomains as the previous domains.pic.twitter.com/t98bFtzwzp
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Kyle Ehmke proslijedio/la je Tweet
Here’s another one from our fury friends in apartment 28: atasuitsec[.]com => 88.80.148.38 SOA: you@can-get-no[.]info
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Two suspicious domains registered through NameCheap at essentially the same time on 1/16/20 and hosted on dedicated servers in M247 IP space: - ms6-upload-serv3[.]com (185.236.202[.]248) - state-awe3-apt[.]com (185.236.203[.]247) In
@ThreatConnect: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=2968522487 …pic.twitter.com/KeNQ5gts2h
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Suspicious domain winsmartdisc[.]com was registered on 1/22 through Njalla and is hosted on a dedicated server at 78.24.219[.]78.pic.twitter.com/N7i2UWf8yy
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This infrastructure possibly is related to another set of subdomains that spoofed the Moldovan Army and Parliament:https://twitter.com/kyleehmke/status/1209116896332779521 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Identified subdomains: mail[.]parliament[.]bg[.]flrewall-production[].org mail[.]armf[.]bg[.]flrewall-production[.]org IP also currently hosts userdefendings[.]net.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Domain flrewall-production[.]org was registered through THCservers on 1/21 using ifannrusan@protonmail[.]com and is hosted at 89.37.226[.]119 along with subdomains spoofing Bulgarian Army and Parliament. In
@ThreatConnect: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=2964884736 …pic.twitter.com/9VnNM0K2Xv
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
The office365eu1[.]com domain has again switched to another probable dedicated server at 185.245.85[.]182.pic.twitter.com/KdR0tMYXgd
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.