Kir a/k/a Dober 

What about telecom security?
#SIGINT
Work in: https://ioc.exchange/@gsc
Spending a Keysight on measuring the spectrum of a microwave oven? Waste! For this, a penny TinySA is completely enough :)
AmtelSvyaz (Dozor - Teleport) said that they do not work with MoD RU. But @herm1t published an actual screenshot which clearly shows that's not the case. "МО РФ" in the stations list (highlighted) means "MoD RU". Btw, they confirmed the attack; they also serve occupied territories.
CyberNews: Russian satellite telecom Dozor allegedly hit by hackers
https://cybernews.com/cyber-war/dozor-russian-satellite-telecom-hacked/
"According to monitoring, Dozor is still down, and among their clients are Northern Fleet ships, a nuclear power plant, military units of the Ministry of Defense and the FSB in very remote locations. It is nice to see russians fighting amongst themselves."
(by @herm1t )
Pictures from internal DozorTel wiki published by hackers:
To all my foreign friends.
This is #Kyiv. The capital of #Ukraine.
Today war criminals strike from the air at a civilian building.
I call on your memory of 9/11; now Ukrainians have their own.
I ask you to demand from your Government:
Close Ukrainian Sky Immediately!
Not so short-lived...
Currently, there is no official patch or workaround for this #vulnerability.
#0day #XSS in #Zimbra 8.8.15 (P29 & P30), which has been used in (Chinese?) targeted spear-phishing campaigns against EU gov. Threat actor currently tracked by Volexity as #TEMP_Heretic and attributed as Chinese-based by indirect evidence, without links to previously known #APTs. Tech report with IOCs by Volexity: https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra

[UPDATE] On February 4, 2022, Zimbra provided an update regarding this zero-day exploit vulnerability and reported that a hotfix for 8.8.15 P30 would be available on February 5, 2022. This vulnerability was later assigned CVE-2022-24682 and was fixed in version 8.8.15P30 Update 2 of Zimbra Collaboration Suite. In December 2021, through its Network Security Monitoring service, Volexity identified a series of targeted spear-phishing campaigns against one of its customers from a threat actor it tracks as TEMP_Heretic. Analysis of the emails from these spear phishing campaigns led to a discovery: the attacker was attempting to exploit a zero-day cross-site scripting (XSS) vulnerability in the Zimbra email platform. Zimbra is an open source email platform often used by organizations as an alternative to Microsoft Exchange. The campaigns came in multiple waves across two attack phases. The initial phase was aimed at reconnaissance and involved emails designed to simply track if a target […]

Volexity
CVE in #Log4j 1.2.x. Especially for #Zimbra, who keep sticking their heads in the sand. https://logging.apache.org/log4j/1.2/