Silent Push

1.7K posts

Silent Push banner
Silent Push

Silent Push

@silentpush

Preemptive cyber defense with Indicators of Future Attack™ (IOFA™). Neutralize before compromise. 💪

Reston, Virginia Katılım Nisan 2020
383 Takip Edilen2.2K Takipçiler
Silent Push
Silent Push@silentpush·
"This might be malicious" isn't enough. Analysts need the reasoning chain. If an #AI agent is going to make autonomous decisions, it can’t rely on vague probability scores. By mapping the "Internet's DNA”, Silent Push moves the intelligence from guessing to knowing.
English
0
0
2
215
Silent Push retweetledi
CyberScoop - @cyberscoop.bsky.social
What does it actually take to dismantle an industrial-scale scam operation running bulletproof hosting, distributed ASNs, and crypto laundering across multiple countries? On the latest episode of the Safe Mode podcast, Mike Sweeney of @silentpush joins host @gregotto to discuss Operation Disruption Week and how it went down — the intelligence, the coordination, and why this public-private model could be a blueprint for future cyber disruption efforts. youtube.com/watch?v=z-AsI9… Watch the full episode: youtube.com/watch?v=6Lb_O3…
YouTube video
YouTube
YouTube video
YouTube
English
0
1
4
626
Silent Push retweetledi
Steven Lim
Steven Lim@0x534c·
🔍𝗣𝗿𝗲𝗲𝗺𝗽𝘁𝗶𝘃𝗲 𝗦𝗲𝗮𝗿𝗰𝗵 𝗳𝗼𝗿 𝗔𝗥𝗧𝗼𝗸𝗲𝗻 𝗣𝗵𝗮𝗮𝗦 𝗗𝗼𝗺𝗮𝗶𝗻 𝗟𝘂𝗿𝗲𝘀 The ARToken Phishing-as-a-Service (PhaaS) platform utilizes a specific naming convention for its Cloudflare-hosted lures: {𝚞𝚞𝚒𝚍}-𝚍𝚘𝚌𝚟𝚒𝚎𝚠𝚎𝚛*.𝚠𝚘𝚛𝚔𝚎𝚛𝚜.𝚍𝚎𝚟. Utilizing @silentpush Passive DNS (PDNS) lookups, I queried this pattern and discovered that these infrastructure deployments began as early as April 2026. Leveraging these newly identified domains, I have crafted a KQL query to run against Microsoft Defender for Endpoint (𝗗𝗲𝘃𝗶𝗰𝗲𝗡𝗲𝘁𝘄𝗼𝗿𝗸𝗘𝘃𝗲𝗻𝘁𝘀) telemetry. This will allow us to proactively check if any tenant endpoints have interacted with these malicious lures over the past 30 days.🫡 detections.ai/share/rule/CD7… #ARToken #PhaaS #CloudflareLures #ThreatDetection
Steven Lim tweet media
English
0
7
19
2.1K
Silent Push
Silent Push@silentpush·
"US IP address" doesn't mean US traffic. #TrafficOrigin shows #CISOs what's really behind a connection before it becomes a board conversation.
GIF
English
1
3
5
294
Silent Push
Silent Push@silentpush·
Your #IOC queue is always late. The attack was staged and tested before it ever landed there: hubs.ly/Q04nly0B0 #TheContextGraph gives you 104 days average early detection (300+ for advanced APT infra) so you can disrupt threats before they hit your perimeter.
English
0
1
2
312
Silent Push
Silent Push@silentpush·
If you're headed to Black Hat #BHUSA, our analysts will be at booth 8105. Grab a walkthrough of the platform if you're interested: hubs.ly/Q04mWGQg0 P.S. Feel free to bring your own indicators for a quick hunt. #blackhatusa #cti #soc
Silent Push tweet media
English
1
0
6
440
Silent Push retweetledi
Steven Lim
Steven Lim@0x534c·
🚨 𝘏𝘦𝘭𝘱𝘥𝘦𝘴𝘬‑𝘵𝘩𝘦𝘮𝘦𝘥 𝘥𝘰𝘮𝘢𝘪𝘯𝘴 impersonating major corporate brands I am seeing a surge of 𝘩𝘦𝘭𝘱𝘥𝘦𝘴𝘬‑𝘵𝘩𝘦𝘮𝘦𝘥 𝘥𝘰𝘮𝘢𝘪𝘯𝘴 impersonating major corporate brands — each flagged with 𝗿𝗶𝘀𝗸 𝘀𝗰𝗼𝗿𝗲 𝟭𝟬𝟬 (𝗰𝗿𝗶𝘁𝗶𝗰𝗮𝗹). These domains are not legitimate and are being weaponized in 𝗽𝗵𝗶𝘀𝗵𝗶𝗻𝗴 + 𝘀𝗼𝗰𝗶𝗮𝗹 𝗲𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝗶𝗻𝗴 𝗰𝗮𝗺𝗽𝗮𝗶𝗴𝗻𝘀. 𝗗𝗼𝗺𝗮𝗶𝗻𝘀 𝗼𝗯𝘀𝗲𝗿𝘃𝗲𝗱: • helpdesk‑blackrock.com • helpdesk‑uber.com • helpdesk‑nike.com • helpdesk‑affirm.com • helpdesk‑westernunion.com • helpdesk‑x.com • helpdesk‑optus‑au.com ⚠️ 𝗔𝘁𝘁𝗮𝗰𝗸𝗲𝗿𝘀 𝗮𝗿𝗲𝗻’𝘁 𝘀𝘁𝗼𝗽𝗽𝗶𝗻𝗴 𝗮𝘁 𝗱𝗼𝗺𝗮𝗶𝗻𝘀. They’re pairing these lookalikes with 𝗧𝗲𝗮𝗺𝘀 𝗶𝗺𝗽𝗲𝗿𝘀𝗼𝗻𝗮𝘁𝗶𝗼𝗻 and other social engineering tactics — tricking users into believing they’re talking to internal IT or helpdesk staff. Once trust is gained, attackers push malicious links, request credentials, or pivot into 𝗱𝗮𝘁𝗮 𝗲𝘅𝗳𝗶𝗹𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝘃𝗶𝗮 𝗥𝗠𝗠 𝘁𝗼𝗼𝗹𝘀. Sharing is caring 🫡 #Cybersecurity #SilentPush #Phishing #SocialEngineeringAttack
Steven Lim tweet media
English
5
13
55
4.7K