OSINT Shepherd
907 posts

@Automatron_
I like to find things. Blue team freak TI nerd. Happy Hunting, PSY-Op connoisseur
Joined March 2010
4.1K Following, 666 Followers

I analyzed the latest Megalodon campaign spreading on GitHub, big thanks to @abh1sek from @safedepio for uncovering and originally reporting it!
Attackers spray-attack GitHub with fake pull requests targeting CI workflows; if the victim accepts the pull request, his CI/CD environment is directly compromised.
The malware has a Base64-encoded bash payload, which steals cloud configurations, keys, credentials and tokens, and sends them to 216[.]126[.]225[.]129
It seems that threat actors would use any trick to infect developers and steal sensitive information.
Complete analysis - ox.security/blog/megalodon…

@kurakovictor @DarkWebInformer I mean it comes from their website lol
@DarkWebInformer How do you know this statement actually comes from Instructure?

‼️ Instructure has updated their security incident page with further information.
instructure.com/incident_update
They state ShinyHunters exploited an issue related to their Free-For-Teacher accounts and have shut it down temporarily.

Overheard behind me while watching #H5N1 NAS workshop today: "You want to really make a pandemic, make hantavirus human transmissible"
@vxunderground @AustinLarsen_ Have to wonder how some of those being military bases affects a response from @DeptofWar

ShinyHunters has successfully hit the big leagues.
ShinyHunters successfully disrupting exams, schooling, grading, government funded research projects, dissertation work, graduations, financial aid, financial loss, potentially immigration complications, and more, has elevated this from "a silly shenanigan" to "major national security incident" and being labeled as an attack on United States critical infrastructure.
If I had to guess, the FBI, NSA, CIA, DIA, CISA, ICE, and DOE are all involved due to the disruption of this.
This isn't the largest extortion campaign I've seen, but this is definitely in the top ten. This is what the kids call a "Certified Hood Classic".
Critical bug in CrowdStrike LogScale let attackers access files securityaffairs.com/191343/hacking…