somedieyoungZZ

162 posts

somedieyoungZZ

@IdaNotPro

butterfly effect

Subroutine شامل ہوئے Şubat 2024

391 فالونگ392 فالوورز

پن کیا گیا ٹویٹ

somedieyoungZZ@IdaNotPro·17 Eyl

🚨 New Blog: *Kimsuky: A Gift That Keeps on Giving* 🎁 Explore Kimsuky APT's multi-stage infection chain using LNK files, VBS scripts, and C2 communication. See how this DPRK threat actor evolves. 🔗 somedieyoungzz.github.io/posts/kimsuky-… #Kimsuky #APT #Malware #DPRK

English

7.8K

somedieyoungZZ ری ٹویٹ کیا

allisx86@allisx86·5d

ZXX

180

3.1K

56.8K

somedieyoungZZ ری ٹویٹ کیا

J. A. Guerrero-Saade@juanandres_gs·16 Mar

Sergey Mineev was the greatest APT hunter of all time. He sought no glory, he just loved the hunt. And his discoveries repeatedly redefined our collective knowledge of global cyberespionage.

Boris Larin@oct0xor

Heartbroken to hear about the passing of @Skvern0. He was one of the best threat hunters in the industry - even APTs were afraid of him. I’m grateful for the time we worked together and for everything I learned from him. Rest in peace.

English

201

29.7K

somedieyoungZZ@IdaNotPro·17 Mar

@oct0xor @Skvern0 RIP

371

Boris Larin@oct0xor·16 Mar

English

556

77.1K

somedieyoungZZ ری ٹویٹ کیا

Ben@polygonben·4 Mar

🚨Recent MuddyWater APT campaign, linked to Iranian intelligence, exposed by Ctrl-Alt-Intel 😬 - 10+ CVEs used - Custom-developed C2s - EtherHiding malware - Sensitive data stolen ctrlaltintel.com/threat%20resea… Super fun collab-ing with @ice_wzl_cyber to get this published 🔥

English

210

42.3K

somedieyoungZZ@IdaNotPro·28 Şub

@cyberwar_15

GIF

QME

CyberWar - 싸워@cyberwar_15·27 Şub

#JinHyok #NorthKorea #ThreatActor 박진혁? ID : kingtiger1970

한국어

5.6K

somedieyoungZZ ری ٹویٹ کیا

Seongsu Park@unpacker·27 Şub

Excited to share my latest research on APT37 (aka ScarCruft) and their evolving campaign targeting so-called "isolated" networks through a carefully orchestrated multi-stage infection chain. Key findings: ▶️Ruby-based loader: APT37 is deploying full Ruby runtimes with trojanized script to blend execution within legitimate environments. ▶️USB dead-drop technique: A refined removable media workflow bridges air-gapped segments, leveraging hidden directories to stage tasking and exfiltrate data. ▶️Cloud C2 evolution: The group has expanded its cloud abuse playbook, incorporating Zoho WorkDrive as an operational command-and-control channel. In this research, I detail the full intrusion lifecycle from the initial LNK lure to the deployment of the surveillance backdoors with technical breakdowns. Blog: zscaler.com/blogs/security…

English

136

9.1K

somedieyoungZZ ری ٹویٹ کیا

NetAskari@NetAskari·23 Şub

Chinese SEO's are apparently also scared of "Silver Fox", which is supposed to be a Chinese APT: 防止银狐等病毒群发诈骗领导和同事 ( "Prevent silver fox and other viruses from sending out mass fraud to defraud leaders and colleagues" ).

English

5.4K

somedieyoungZZ ری ٹویٹ کیا

CIA@CIA·12 Şub

挺身而出的原因：为拯救未来 youtube.com/playlist?list=…

中文

879

1.4K

5.1K

580.8K

somedieyoungZZ@IdaNotPro·11 Şub

@goldenjackel12 @PrakkiSathwik @500mk500 @ElementalX2 @smica83 @polygonben 8a7fd76f466762490154f25a067a2eec08e41346074181548fcc43ebac269fc4 One more Protokol_KUAP_121_3.1_0915-2026.pdf.lnk

Indonesia

130

R3BELF0X@goldenjackel12·10 Şub

#Found Documents.vhdx (fdc778715530dbbe552828edb2571ce4) drops Protokol_KUAP_121_3.1_0915-2026.pdf.lnk (72b3c03d84ff2b0585f1866807396bf0), decoy pdf, etc.. probably targeting #Ukrainian @PrakkiSathwik @500mk500 @ElementalX2 @smica83 @polygonben @IdaNotPro

R3BELF0X@goldenjackel12

1. #found Documents.vhdx (4bef3830a8e5252a7a3f1566970ccd9d) drop containing a malicious lnk(povidomlennia_kameralna_perevirka_DPSU.pdf.lnk)(4587075fd6a5d417278b368a92fee749) alongside a decoy pdf (povidomlennia_kameralna_perevirka_DPSU.pdf) probably targeting #Ukrainian

English

2.3K

somedieyoungZZ ری ٹویٹ کیا

Sh4dowExe@Sh4dow3x3·28 Oca

⚠️⚠️RAMP FORUM SEIZED !!!⚠️⚠️

English

188

28.4K

somedieyoungZZ ری ٹویٹ کیا

Abdulkadir | Cybersecurity@cyber_razz·27 Oca

A cybersecurity beginner trying to choose a career path

English

118

1.1K

29.3K

somedieyoungZZ ری ٹویٹ کیا

IRIS C2@C2IRIS·19 Oca

The average “cyber threat intel” blogger

English

239

11.2K

somedieyoungZZ ری ٹویٹ کیا

BlueEye@BlueEye46572843·13 Oca

[1/3] I retro hunted and identified more relevant samples on VT: - e7b2cc236af9edbe44307d293a7d7fcbb199a286f7eec864f363fcb725c7ef70 -4b795cf2352971f470db2e451ae62dc8c859ed7c4148be48c66a723062fed7a8 -4e1873f43c7c72625e627faa349e454ab81c15fc36d9c7dec1a422b4042b9407

ThreatBook@ThreatBookLabs

Threat Alert: #CharmingKitten — LNK-Based Loader Campaign with GitLab Payload Lure Filename: Bang_Tinh_Thue_2025.xlsx.lnk Payload Download: gitlab[.]com/zaahen/Zaahen/-/raw/main/i[.]zip ThreatBook Intelligence: na2.hubs.ly/H02-yBl0 [1/3]

394

somedieyoungZZ ری ٹویٹ کیا

780th Military Intelligence Brigade (Cyber)@780thC·12 Oca

CloudSEK’s TRIAD recently identified a spearphishing campaign attributed to the Muddy Water APT group targeting multiple sectors across the Middle East @cloudsek cloudsek.com/blog/reborn-in…

English

1.4K

somedieyoungZZ@IdaNotPro·11 Oca

ZXX

286

somedieyoungZZ ری ٹویٹ کیا

NtAlertThread@ElementalX2·10 Oca

Suspected APT(?) targets Portuguese speaking individuals at Macao 🇲🇴 abuses DLL Sideloading but forgets to deliver loader DLL, ends up pasting the shellcode alone with decoy, idk? 😂🤷‍♂️

English

5.2K

somedieyoungZZ ری ٹویٹ کیا

blackorbird@blackorbird·10 Oca

#Muddywater attempts to detect a wide range of antivirus and EDR tools by scanning for agent files, service names, and installation paths of more than 25 AV products. cloudsek.com/blog/reborn-in…

English

175

23.6K

somedieyoungZZ ری ٹویٹ کیا

The Hacker News@TheHackersNews·10 Oca

Iran-linked MuddyWater is running a new spear-phishing campaign using a Rust-based implant called RustyWater. The activity hits diplomatic, maritime, finance, and telecom targets in the Middle East, delivered via Word files that push victims to enable macros. 🔗 Details → thehackernews.com/2026/01/muddyw…

English

125

14.1K

somedieyoungZZ ری ٹویٹ کیا

J⩜⃝mie Williams@jamieantisocial·9 Oca

"all in."

CloudSEK@cloudsek

CloudSEK TRIAD identifies #MuddyWater leveraging spearphishing & icon spoofing to deliver #RustyWater—a new Rust-based implant targeting Middle East diplomatic & industrial sectors. Sustained activity seen across financial & maritime sectors. Report: cloudsek.com/blog/reborn-in…

English

4.1K

somedieyoungZZ ری ٹویٹ کیا

somedieyoungZZ@IdaNotPro·9 Oca

Hi guys did a small blog on new Rust implant used by Muddy Water check it out

Virus Bulletin@virusbtn

CloudSEK TRIAD reports a MuddyWater spear-phishing campaign targeting Middle Eastern diplomatic, maritime, financial and telecom sectors. The chain uses icon spoofing and malicious Word documents to deliver RustyWater. cloudsek.com/blog/reborn-in…

English

261

دریافت کریں

@oct0xor @Skvern0 @ice_wzl_cyber @cyberwar_15 @goldenjackel12 @PrakkiSathwik @500mk500 @ElementalX2