🚨New ransom group blog post!🚨

Group name: nova
Post title: URG OEM
Info: https://cti.fyi/groups/nova.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

Grafana refused to pay the ransom. That is good news. The bad news: their source code has already been stolen via a vulnerability that many organizations also have right now.

https://www.ccinfo.nl

#Cybersecurity #SupplyChain #GitHub #DevSecOps #ThreatIntelligence

🚨New ransom group blog post!🚨

Group name: incransom
Post title: metaval.com.au
Info: https://cti.fyi/groups/incransom.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

🚨New ransom group blog posts!🚨

Group name: qilin
Post title: PNSB Insurance Brokers Sdn Bhd
Info: https://cti.fyi/groups/qilin.html

Group name: qilin
Post title: Comercial Echave Turri Limitada
Info: https://cti.fyi/groups/qilin.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations

https://www.security.com/threat-intelligence/fast16-nuclear-sabotage

#Security #Cybersecurity #ThreatIntelligence

New analysis confirms the targeted applications and reveals fast16 was tailored to corrupt uranium-compression simulations central to nuclear weapon design.

HWMonitor Trojanized for STX RAT DLL Sideloading

Analyze how a trojanized HWMonitor package deployed STX RAT through DLL sideloading, reflective loading, and stealthy memory execution.

Gurucul

🚨New ransom group blog post!🚨

Group name: lamashtu
Post title: Parle Agro
Info: https://cti.fyi/groups/lamashtu.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

🚨New ransom group blog post!🚨

Group name: qilin
Post title: CLINICA AVELLANEDA MEDICAL CENTER
Info: https://cti.fyi/groups/qilin.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

🚨New ransom group blog post!🚨

Group name: dragonforce
Post title: AdvancedHEALTH
Info: https://cti.fyi/groups/dragonforce.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

Remus 64-bit Stealer: Lumma Successor Using EtherHiding

Remus, a 64-bit Lumma successor, steals browser creds/cookies and crypto wallets, using direct syscalls, Chrome injection, and EtherHiding C2 via Ethereum.

SOC Prime