🐣
764 posts

🐣
@sysgoblin
principal threat researcher and professional pleb
🗿 Joined January 2016
516 Following, 794 Followers

dear Jesus, please give my fence the strength to remain rigid and upright #StormEunice
🐣 Retweeted

Sad that I got beat to posting about this publicly after looking at it on and off since October, but there are a lot of great details in here about a previously unknown botnet written in Go! Here are some screenshots (including the operator's desktop) I had as well!




sysopfb @sysopfb
Following up on @Intel471Inc recent report on PrivateLoader we also found another loader being leveraged - Calls itself "Anubis" Loader and is written in GoLang medium.com/walmartglobalt…

I think you should read the ICANN regs you’re attempting to hide behind more thoroughly—both the black letter text and the policy objectives that undergird them—instead of using them to justify your extremely inefficient and harmful business operations. 1/?
name.com @namedotcom
@idclickthat @cex_io @phishgalore @malwrhunterteam @dubstard @Sync_Pundit @nullcookies @JCyberSec_ @dubstard @nullcookies Thank you for reaching out with your concerns. We're sorry but we must act in accordance with industry standards as we are specifically governed by ICANN. We'll follow up with a DM with more details on industry standard guidelines. -JS
🐣 Retweeted
🐣 Retweeted
🐣 Retweeted

@Sega__JEANAsis If this ever happens to you or anybody you know, there’s an option in that alert to view more details which tells you to bring the AirTag close or to bring it to the police



just pushed a quick update to emulate apache/elastic, process query params, and accept POST data with a fake login form. have at it! 🍯
🐣 @sysgoblin
here take this 🤲🍯 #log4shell #log4j github.com/sysgoblin/log4…
🐣 Retweeted

I promised I would write a report covering my phishing research in 2021.
That report is now live:
steved3.io/data/Phishing-…
Shout out to @AmandaFGoedde for helping me edit, as well as @ninoseki for making Miteru, and @urlscanio for creating an awesome tool to help defenders.

🐣 Retweeted

#log4j thread
Detection Ideas + Yara by @cyb3rops - gist.github.com/Neo23x0/e4c8b0…
Hashes for vulnerable LOG4J versions by @mubix - github.com/mubix/CVE-2021…
SIGMA by @SOC_Prime - tdm.socprime.com/tdm/info/XY2Ej…
tdm.socprime.com/tdm/info/4SiOs…
Payloads list by @GreyNoiseIO - gist.github.com/nathanqthai/01…
🐣 Retweeted

How can you identify the plane, location, and mission commander in this image?
With the intelligence cycle and a little automation!
This @quiztime challenge from @fiete_stegers is the hardest one I've tried so far.
New #geolocation blog post: nixintel.info/osint/planes-a…








