PEGASUS
Los datos adicionales proporcionados por Francia en relación con el caso Pegasus incluyen “indicadores de compromiso” (IOCs), que son una serie de datos que pueden indicar que un sistema ha sido comprometido por un atacante. Estos indicadores pueden incluir direcciones

New #opendir discovery with #RisePro stealer detected.

IP: 194.37.97[.162

🔹BecauseBranch.exe
C2: 37.120.237[.196:50500

🔹UncleLt4.exe #nemesis
IoCs:
retdirectyourman[.eu
supfoundrysettlers[.us
149.248.79[.62

🔍 IoC query Censys:
🌐 services.http.response.html_title='Soon'

Read more! This report includes substantive mitigations, SolarMarker detections, MITRE ATT&CK mapping, IOCs, and more!

PDF: go.recordedfuture.com/hubfs/reports/…

🚨 Beware of #XenoRAT , a #malware that's now being used by dozens of threat actors. And check twice before loading an 'educational' RAT on GitHub 👾

Learn about the #RAT and collect its samples & #IOCs ⤵️
any.run/malware-trends…

🚨 Healthcare & Public Health Sector orgs❗

Review our latest #cybersecurity advisory on #BlackBasta ransomware containing #TTPs & #IOCs developed with FBI, @HHSgov & Center for Internet Security (CIS)'s MS-ISAC. More info at cisa.gov/news-events/cy… #StopRansomware

👀 🚨- New Recorded Future report! This report, from my colleague Julian-Ferdinand, leverages Recorded Future Network Intelligence to examine the layered infrastructure and evasion techniques employed by SolarMarker. And yes, there are IOCs! recordedfuture.com/exploring-the-…

Our monthly IOC report has arrived, totaling 3,486 #DIB and #USG sourced IOCs in April. This is vital for staying ahead in cyber defense allowing you timely insights into emerging threats, enabling proactive measures to safeguard your systems and data.
#CyberSecurity #InfoSec

#Fin7 Apart from google meet, They masquerading/using SAP, HubSpot and more.

here is Censys/Fofa qury to find more

IOCs: pastebin.com/HpK8WDz7

Michael Koczwara thansk for brainstorming 🙏

search.censys.io/search?resourc…

en.fofa.info/result?qbase64…

#apk #opendir #malware

202.79.165.160:9080
202.79.165.162:9080
202.79.165.170:9080
#AS152194 CTG Server Limited

Detection: Trojan-Banker.AndroidOS

All IOCs: paste.ee/r/eBZXH/0

Hello everyone,

We are happy to share with you fresh #Darkgate IOCs.

eml > pdf > geofenced URL > jar > ps > zip > autoit3.exe & malicious a3x script

#IOCs :
- afarm[.]net
- adventsales[.]co[.]uk

#malware #threatintel #emailsecurity

Ready to create detection/hunt rule for Sublime Security as soon as there is more info / IOCs.

IOC’s leaving mature African basins for ‘frontiers like Namibia and Guyana’ - S&P | OilNOW…only one company has prime assets across both basins… ⁦Eco Atlantic Oil & Gas⁩ #Eco $eco $eog.v oilnow.gy/featured/iocs-…

🚨 Phishing PDF File Evaded Nearly All the AV Solutions 🚨

📌 VT Detection: 7 / 65

📁 Filename: Fnb Payment.pdf
🔐 MD5: ba6039f82e0f08711279adc9f4e9f92a
🕵️‍♂️ IOCs:
- https[:]//wearned.com/

DOCGuard Report: app.docguard.io/65d070b5c2e867…

999 protected folders + 2 rar containing same configuration related files

Opendir http[:]//173[.]232[.]109[.]208[.]host[.]secureserver[.]net/entrada/ used to scam/phishing companies in name of Banco Bradesco.

GoDaddy.com, LLC
AS26496

More IOCs below & images.

🚨 Phishing PDF File Evaded All the AV Solutions 🚨

📌 VT Detection: 1 / 63

📁 Filename: EFT-Payment.pdf
🔐 MD5: 12d4c4978092229073cf4d4d57729f2e
🕵️‍♂️ IOCs:
- https[:]//bafkreig6e4hmlnuktybscumout2n4ntbka34db5vtscvx5tknmzs3h5bsu.ipfs.cf-ipfs.com/

DOCGuard Report:

⚠️TweetFeed⚠️collects Indicators of Compromise (IOCs) shared by the infosec community on Twitter. Here you will find malicious URLs, domains, IPs, & SHA256/MD5 hashes. Link in sub-post.👇

#TweetFeed #OSINT #CTI #Clearnet #DarkWeb #DarkWeb Informer #Cybercrime #Cybersecurity

🚨 Phishing HTML File Evaded Most of the AV Solutions 🚨

📌 VT Detection: 2 / 60

📁 Filename: Attach.html
🔐 MD5: 50bb75d6e28550c7639975d5d3d56d61
🕵️‍♂️ IOCs:
- https[:]//bc1q7syczyekazugzppa6kcse4n.com/

DOCGuard Report: app.docguard.io/d2f166b0669a67…

🚨 Pakistan Prime Minister's Office Themed Phishing PDF File Evaded All the AV Solutions 🚨

📌 VT Detection: 0 / 63

📁 Filename: Outstanding Payment of Tender upload fee - PPRA.pdf
🔐 MD5: d4eb4cee8aeb6f2ea36afadeda9dbb23
🕵️‍♂️ IOCs:
- http[:]//docs.mofa-services-server.top/
-

めんどくさいことすなよ

Further Clarifications on The Circular on Cash Pooling of Repatriated Oil And Gas Export Proceeds by International Oil Companies (IOCS)

ow.ly/Yk8k50RyPpJ