bolsolulabr → makita.ai
1.2K posts
@thirdagen
17y Sr. Devlpr faço 30k por mês aprenda como → https://t.co/rmHOfXK04Q
demonstro aqui meu TOTAL APOIO ao bruno c# @enrichthesoil na luta contra dev jr poser que fica "criando conteudinho" voltado pra iniciantes "ah mas ajuda a comunidade" AJUDA O CARAIO cria canalzinho só pra satisfazer seu ego jovem com o conteúdo mais low effort e inútil possível
🇧🇷 A threat actor on an underground forum is claiming to be selling access to 100 Brazilian government email accounts allegedly associated with the State of Acre. According to the post: • the actor claims the accounts belong to Brazilian government entities • access is being advertised privately through Session messenger • pricing and volume are reportedly negotiable • the actor shared limited “proof” material to validate the claim At this stage: • the authenticity of the accounts has NOT been independently verified • there is no confirmation that the accounts are currently active • it is unclear whether the access involves: • credential theft • phishing compromise • infostealer infections • reused passwords • session/token hijacking • mailbox forwarding abuse • OAuth compromise Even a relatively small number of government email accounts can present significant operational and security risks if legitimate. Potential risks may include: • spear-phishing against government personnel • internal impersonation attacks • password reset abuse • access to sensitive communications • procurement and invoice fraud • intelligence collection • malware distribution through trusted domains • lateral movement into government infrastructure Government email compromises are frequently leveraged for: • social engineering campaigns • trusted-domain phishing • business email compromise (BEC) • credential harvesting • access expansion into cloud environments Particularly concerning is the use of: • encrypted messaging platforms for negotiation • direct sale models rather than public leaks • selective targeting of governmental entities This can indicate: • financially motivated operators • access brokers • initial access marketplace activity • possible pre-ransomware ecosystem involvement Organizations should: • force password resets for affected users • review MFA enforcement • audit suspicious login activity • monitor mailbox forwarding rules • inspect OAuth application permissions • review impossible-travel and anomalous login alerts • check for credential exposure in stealer logs and underground markets Public sector organizations should also: • monitor for impersonation campaigns • increase phishing awareness internally • review privileged account exposure • validate security controls around government cloud tenants At this time, the underground post alone should be treated as an unverified claim until corroborated through technical evidence or official disclosure. DDW is continuing to monitor: • actor credibility • additional proof releases • possible credential samples • related access sales • broader targeting activity against Brazilian public sector entities #Brazil #CyberSecurity #Government #ThreatIntelligence #DarkWeb #CyberCrime #BEC #Infosec #DDW #Intelligence
Isso é imperdoável. É preciso ter credibilidade pra mudar o Brasil.
Wuhan Railway Station in China is bigger than many airport terminals in the West and has more bullet train lines than many countries have altogether
Ela tá chegando! Vem, Shakira 🐺✨ O Brasil tá pronto pra bailar... y cambiar.
Provavelmente isto seja a máxima felicidade masculina:
It's my request to Windows and Mac users - Switch to Linux, you'll never regret it ! Btw, Have a look at my FEDORA !!!
“7 Taskbar Belt” Available Now!
