Hacktivists are broadening their scope beyond political motivation

Kaspersky researchers uncovered interconnected hacktivist campaigns attributed to groups including 4BID, Hakerskii Kit, and C.A.S., targeting organizations primarily in Russia and Belarus, but expanding to Kazakhstan, UAE, Syria, and Egypt. Attackers exploited ProxyShell vulnerabilities in Microsoft Exchange servers to deploy fd.aspx web shells and various post-exploitation frameworks including Sliver, Havoc, Mythic Apollo, AdaptixC2, and a custom BlackSalt backdoor. The campaigns deployed ransomware including ClearWater and updated versions of Blackout Locker, alongside EDR killers using BYOVD techniques. Attackers leveraged legitimate RMM tools like AnyDesk, Panorama9, and Tactical RMM for persistence, with AI-generated scripts showing varying quality. The geographical expansion and increased use of ransomware suggest a shift from purely political motivation toward financial gain.

Pulse ID: 6a2699c629b0ddee8d84e7b6
Pulse Link: https://otx.alienvault.com/pulse/6a2699c629b0ddee8d84e7b6
Pulse Author: AlienVault
Created: 2026-06-08 10:30:30

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AnyDesk #BackDoor #Belarus #CyberSecurity #EDR #Hacktivist #InfoSec #Kaspersky #Kazakhstan #Microsoft #Mythic #OTX #OpenThreatExchange #Proxy #RAT #RansomWare #Russia #Sliver #Syria #UAE #bot #AlienVault

Roland Warren fliegt mit den Piraten einen Angriff auf einen Frachter und muss schmerzhaft erfahren das hier nichts so ist, wie es aussieht.

#pnpde #solottrpg #pnp #ttrpg #solo #penandpaperde #actualplay #podcast #mythic #ironsworn #starforged

https://ausgewuerfelt.yakamura.de/series/sternenschmiede/season1/5-stardust/

I am setting the brand new #Opus48 on my main #vibecode project. In the first instance I am getting it to do a project review...

...already super impressed with the way its performing, shows a level of reasoning the previous models did not reach. I feel that it has some #Mythic elements to it as its vibecoded responses are impressive.

Roland Warren landet auf den Traumzinnen und um weiterzukommen muss er einen unangenehmen Schwur leisten.
#pnpde #solottrpg #pnp #ttrpg #solo #penandpaperde #actualplay #podcast #mythic #ironsworn #starforged

https://ausgewuerfelt.yakamura.de/series/sternenschmiede/season1/4-unter-piraten/

Roland Warren hat einen Plan und einen Hinweis aber dann läuft nichts mehr so wie erhofft und unversehens befindet er sich in einem Hinterhalt

#pnpde #solottrpg #pnp #ttrpg #solo #penandpaperde #actualplay #podcast #mythic #ironsworn #starforged

https://ausgewuerfelt.yakamura.de/series/sternenschmiede/season1/3-hinterhalt/

New blog post!

This time I talk about my new favorite evasive shellcode loader, Charon. I give a brief overview about what it does, how it works and which techniques it uses.

Also a brief addendum for enjoyers of bloated Implants such as Sliver.

https://ti-kallisti.com/general/ms/descending-into-hades.html

#InfoSec #Malware #Shellcode #RedTeam #RedTeaming #Pentesting #Charon #Sliver #Merlin #Mythic

Frederiks Spur ist unauffindbar und dann tauchen Viktor und Ian tiefer als gedacht.

https://ausgewuerfelt.yakamura.de/series/one-shots/staffel-1/5-die-h%C3%B6hle-der-meerjungfrauen/

#podcast #solorpg #penandpaperde #penandpaper #mythic #abr #alriks #actualplay #pnpde #soloactualplay

Roland Warren trifft auf der Raumstation Last Port seine Kontaktperson und Hehlerin

https://ausgewuerfelt.yakamura.de/series/sternenschmiede/season1/1-neue-horizonte/

#podcast #solorpg #penandpaperde #penandpaper #mythic #starforged #actualplay #pnpde #soloactualplay

Viktor ein notorisch abwesender Vater versucht mit einem Urlaub in Kalifornien die verlorene Zeit mit seinem Sohn gutzumachen. Das ABR trifft auf den Mythic und der Urlaub beginnt.

https://ausgewuerfelt.yakamura.de/series/one-shots/staffel-1/2-fishermans-beach/
#penandpaper #pnpde #solorpg #solo #mythic #podcast #deutsch #abr