linkcabin

445 posts

linkcabin

@LinkCabin

Works in Security. Social Democracy. Change the World or Nothing. Personal Account not my employers, my own views!

UK Inscrit le Ağustos 2012

94 Abonnements2.8K Abonnés

Tweet épinglé

linkcabin@LinkCabin·16 Kas

I'm on bsky with the same name.

English

134

linkcabin@LinkCabin·19 Eki

Indicators: github.com/ext-jack/threa…

Italiano

142

linkcabin@LinkCabin·19 Eki

The cluster is related to this activity - blog.nviso.eu/2024/10/02/all…

English

155

linkcabin@LinkCabin·19 Eki

Today I have posted over 500+ additional domain indicators on a phishing cluster which has targeted organisations across the world utilising CloudFront, Amazon S3, CloudFlare and gCaptcha. The targeting is wide and I recommend all defenders to query their org.

English

261

linkcabin@LinkCabin·14 Eki

Analysis coming soon

English

109

linkcabin@LinkCabin·14 Eki

High signal phishing cluster IoCs released - github.com/ext-jack/threa…

English

2.2K

linkcabin@LinkCabin·5 Eki

@struppigel @gynvael The problem is none of them compare to the breadth of VirusTotals sample size

English

105

Karsten Hahn@struppigel·5 Eki

@LinkCabin @gynvael I do not think this has anything to do with VirusTotal specifically. There are many more samples providers, some of them have more than VT (e.g. ReversingLabs).

English

125

Karsten Hahn@struppigel·3 Eki

I have looked at 2024 malware research papers in academia and found that none of them used today's relevant malware. Families they used were old worms and viruses that had been relevant decades ago and nowadays only thrive on sandbox systems.

English

206

34.3K

linkcabin retweeté

Thijs Alkemade@xnyhps·27 Eyl

We had a short look at the buffer overflow found by fuzzing `process_browse_data` to determine its exploitability. Conclusion: this bug alone won't give you RCE, or even an info leak.

Simone Margaritelli@evilsocket

Attacking UNIX Systems via CUPS, Part I evilsocket.net/2024/09/26/Att…

English

167

46.2K

linkcabin@LinkCabin·26 Eyl

This is actively harmful for defenders and gives attackers an advantage. Why put indicators like this into an image?

Will@BushidoToken

Seriously @Cloudflare? IOCs in a image 🤦🏻‍♂️

English

255

linkcabin@LinkCabin·24 Eyl

I did some new research. Enjoy! Detecting a business email compromise (BEC) threat actor - threatintelligence.substack.com/p/detecting-a-…

English

297

linkcabin retweeté

Jaron Bradley@jbradley89·16 Eyl

The FBI recently sent a warning out regarding DPRK activity against the crypto industry. Today, we documented attacks we've seen on macOS. Attacks start with social engineering and deliver a piece of malware that we call ThiefBucket. jamf.com/blog/jamf-thre… #malware

English

124

14.3K

linkcabin@LinkCabin·15 Eyl

Or alternatively give me this sample virustotal.com/gui/file/7c62c…

English

174

linkcabin@LinkCabin·15 Eyl

Can anyone share the Amadey v4.03 panel leak with me 🤞 I missed it

English

255

linkcabin@LinkCabin·3 Eyl

@Andrew___Morris @jfslowik 😭😭😭😭

QME

170

Andrew Morris (afk)@Andrew___Morris·3 Eyl

Norse ran so the rest of Threat Intel could crawl

English

linkcabin retweeté

0xor0ne@0xor0ne·19 Ağu

Exploiting an object corruption bug in v8 Javascript engine (CVE-2024-3833) github.blog/2024-06-26-att… Credits @mmolgtm #chrome #cybersecurity

English

135

9.5K

linkcabin retweeté

L0Psec@L0Psec·17 Ağu

New macOS malware. :) DPRK. Spent some time reversing the dropper written in Swift/SwiftUI. Here’s the deep dive: kandji.io/blog/todoswift…

English

226

23.4K

linkcabin@LinkCabin·14 Ağu

Happy birthday to me I guess as citizenlab reference my Blue Callisto research from my PwC days

The Citizen Lab@citizenlab

🚨 NEW REPORT by @citizenlab in collaboration with @accessnow, @DeptFirst, Arjuna Team and RESIDENT.ngo uncovers a sophisticated and highly-personalized #phishing campaign targeting civil society members in the US and Europe, including Russian opposition in exile, NGOs, and media outlets. Report led by @jsrailton & @PDXbek with @edok_lotosov and @RonDeibert: citizenlab.ca/2024/08/sophis…