PEGASUS
Los datos adicionales proporcionados por Francia en relación con el caso Pegasus incluyen “indicadores de compromiso” (IOCs), que son una serie de datos que pueden indicar que un sistema ha sido comprometido por un atacante. Estos indicadores pueden incluir direcciones

Chinese hackers using a vast network of compromised devices to conceal their activities.
darkreading.com/cybersecurity-…

🚨 Healthcare & Public Health Sector orgs❗

Review our latest #cybersecurity advisory on #BlackBasta ransomware containing #TTPs & #IOCs developed with FBI, @HHSgov & Center for Internet Security (CIS)'s MS-ISAC. More info at cisa.gov/news-events/cy… #StopRansomware

Day 4:
What is Cyber Threat #Intelligence (CTI) and What It Isn't?

You've often heard CTI described as a collection of feeds, data, streams of Indicators of Compromise (IOCs), and recent breach reports. While these elements are involved, let's explore the true nature of CTI:

#Malware Bancario #Grandoreiro
Fuerte campaña en 🇦🇷

Crea carpetas con nombres aleatorios en:
C:\Users\Public\
C:\ProgramData\

IOCs
p://51.120.240.]117
p://54.233.206.]70:40817/WaveEdgeNRzyoSecureSphereDevice.xml
p://18.230.124.]104:39054/BNceD0ttGfG.txt
C2
18.230.186.]145:36044

Reps Stop Granting Consent To Divesting IOCs

channelstv.com/2024/05/22/rep…

One day to go! Get to connect with top energy investors, Executives from operators, IOCs, NOCs, industry innovators, Independents as well as government officials at the 2nd edition of the Invest in African energy Forum taking place in Paris, France from Tuesday.

The Invest in

#GKP #GENL $DNO $HKN $SNM #Kurdistan APIKUR

#Iraqi Oil Ministry and #KRG have agreed to amend the contracts signed by KRG with IOCs, but have not reached a solution.

peregraf.com/ku/news/6982

Our deep-dive, IOCs, and exploit for CVE-2023-34992, an unauth command injection as root, effecting #Fortinet #FortiSIEM appliances.

horizon3.ai/attack-researc…

#TransparentTribe #APT 36 with a lot of detection opportunities and #IOCs
#India #APT #GoLang #Linux

A new very interesting blogpost on how #TransparentTribe #APT 36 is targeting the aerospace industry in India. There are many IoCs and detection opportunities inside.

blogs.blackberry.com/en/2024/05/tra…

#APT #IOCs
Eoin Healy Ismael Valenzuela

House of Reps blocks oil companies; divestment in Niger Delta over compliance issues guardian.ng/news/house-of-…

After nearly 70 years of reckless exploitation, the IOCs simply want to walk away. Who does that? Who accepts that? Good to see National Assembly waking up to this impunity!

New IOCs thehackernews.com/2024/04/millio… urlscan.io Validin

2024-05-14 (Tuesday): #DarkGate activity. HTML file asks victim to paste script into a run window. Indicators available at bit.ly/4bjvMAC

#TimelyThreatIntel #Unit42ThreatIntel #Wireshark #InfectionTraffic

⚠️TweetFeed⚠️collects Indicators of Compromise (IOCs) shared by the infosec community on Twitter. Here you will find malicious URLs, domains, IPs, & SHA256/MD5 hashes. Link in sub-post.👇

#TweetFeed #OSINT #CTI #Clearnet #DarkWeb #DarkWeb Informer #Cybercrime #Cybersecurity

New #opendir discovery with #RisePro stealer detected.

IP: 194.37.97[.162

🔹BecauseBranch.exe
C2: 37.120.237[.196:50500

🔹UncleLt4.exe #nemesis
IoCs:
retdirectyourman[.eu
supfoundrysettlers[.us
149.248.79[.62

🔍 IoC query Censys:
🌐 services.http.response.html_title='Soon'

(1/7) 💡 Illumination of a large resilient infrastructure distributing #NetSupport RAT using:
- Google Ads (malvertising)
- Traffic Distribution System (TDS)
- Fake websites
- MSIX

40+ IP addresses
70+ domain names

IoCs:
gist.github.com/qbourgue/62cee…

x.com/threat_down/st…

⬇️

Read Part-5 of our Mobile Malware Analysis- 8ksec.io/mobile-malware…, simulate some IOCs and see how to search for them. #MobileSecurity #MobileMalware

The Rapid7 MDR team uncovered a backdoored installer for the Justice AV Solutions (JAVS) Viewer application, that was being served out via the official JAVS website. CISA has assigned this CVE-2024-4978. Full details, timelines, guidance, and IOCs here: rapid7.com/blog/post/2024…

.Volexity Volcano Server & Volcano One v24.05.08 adds 45 new YARA rules, as well as new IOCs for out-of-tree kernel modules, hidden commands and startup scripts, and many more [1/3]