«Takedown of MFA bypass platform Tycoon2FA
[…] The takedown underscores a clear message: MFA alone is not enough against adversary-in-the-middle phishing. […]»

I keep getting annoyed that the affected corporations communicate so quietly about this.

🔓 https://borncity.com/blog/2026/03/08/takedown-von-mfa-bypass-plattform-tycoon2fa/

#mfa #login #web #websicherheit #2fa #internet #tycoon2fa #europol #Cloudflare #Coinbase #Crowell #eSentire #HealthISAC #Intel471 #Microsoft #Proofpoint #Resecurity #Shadowserver #SpyCloud #bypass

Takedown of MFA bypass platform Tycoon2FA

The MFA bypass platform Tycoon2FA was recently seized and taken offline. The phishing-as-a-service platform, described as a leading one, was designed to…

Borns IT- und Windows-Blog

Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

Shadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw.

Security Affairs

Oh #ShadowServer, now you're just being silly...

#InfoSec #Scanners

Here is #Shadowserver's announcement on the global #OperationEastwood which aimed for the #NoName05716 #APT.

https://infosec.exchange/@shadowserver/114863740047451178

There are various public statements, including Europol's post linked here. The members are also listed on Europe's most wanted list. Likewise, the #German #BKA published a multi-lingual statement on the #DDoSia operators and members.

#Eastwood #DDoSia #DDoS #infosec

The Shadowserver Foundation (@[email protected])

Proud to support our international LE partners in Europe/Eurojust coordinated Operation Eastwood - another successful public/private partnership cyber threat disruption! https://www.europol.europa.eu/media-press/newsroom/news/global-operation-targets-noname05716-pro-russian-cybercrime-network

Infosec Exchange

How the shutdown of BidenCash is changing the world of carding marketplaces | Cybercrimeinfo.nl

The shutdown of BidenCash is changing the world of carding marketplaces on the dark web. Read how international cooperation strengthens the fight against cybercrime and what this means for the future of digital crime.

I just found these people in the logs of a new server that I just set up today. They hit it within minutes. So I had a shufti around their dashboard, and found this.

What is a reasonable explanation for #Shropshire's love of #TELNET?

https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/region/?date_range=1&host_type=src&port=23&geo_country=GB&scale=log&auto_update=off

It's Brother Jerome's secret BBS habit, isn't it? (-:

#ShadowServer #Cadfael

Region map · Exploited vulnerabilities · The Shadowserver Foundation

Large-scale brute-force attack targets VPN devices with 2.8 million IP addresses

A massive brute-force attack, using almost 2.8 million IP addresses, is currently underway. The attack attempts to obtain login credentials from …

Tech Nieuws

The Shadowserver Foundation Honeypot Feed is now integrated as a source of sightings in Vulnerability-Lookup

We are glad to announce the immediate availability of vulnerability-related observations from The Shadowserver Foundation within Vulnerability-Lookup. This milestone wouldn’t have been possible without Piotr Kijewski. We developed a new sighting client, ShadowSight. This new client gathers vulnerability-related data directly from The Shadowserver Foundation, then reports the collected data to the Vulnerability-Lookup API as sightings. ShadowSight leverages insights on common vulnerabilities and exploited vulnerabilities from Shadowserver’s honeypot source. The source code of ShadowSight is available:

```
2023-08-03T15:04:36.217026+10:00 gapmx postfix/smtpd[5301]: improper command pipelining after CONNECT from scan-50b.shadowserver.org[64.62.197.198]: GET / HTTP/1.1\r\nHost: 150.101.176.226:25\r\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7
```
Err no, #shadowserver.org -- I do not run a HTTP server on port 25/tcp!

#Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519
https://securityaffairs.com/148735/hacking/15k-citrix-servers-vulnerable-cve-2023-3519.html
#securityaffairs #hacking #malware

Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519

Researchers reported that more than 15000 Citrix servers exposed online are likely vulnerable to attacks exploiting the vulnerability CVE-2023-3519. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week warned of cyber attacks against Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices exploiting recently discovered zero-day CVE-2023-3519. The Agency states that threat actors targeted a NetScaler […]

Security Affairs