Scammer: Knock, knock 🚪🕵️‍♂️

Revolut Biometrics: Not on my watch 🖐️🚫

New user-agent used by #Raccoon Stealer: 'MrBidenNeverKnow' (as mentioned by the Raccoon operator interviewed by Who said what)

Recent C2 servers:
178.20.41.]15
193.233.132.]15
23.227.196.]198
37.49.230.]54
94.103.93.]70

Top Active #Ransomware Groups November🎯

-Lockbit: 110 🔺
-BlackCat: 44 🔺
-Play: 44 🔺
-Black Basta: 33 🔺
-8Base: 31 🔺
-No Escape: 24 🔻
-Akira: 20 🔺
-INC: 15 🔺
-Hunters: 15 🆕
-Medusa Blog: 14 🔺

Total Victims: 467 💥

More Info: DARKFEED.IO

Hackers breach US govt agencies using Adobe ColdFusion exploit - Bill Toulas
bleepingcomputer.com/news/security/…

bleepingcomputer.com/news/security/…

Microsoft has identified a Russian-based nation-state threat actor tracked as Forest Blizzard (STRONTIUM, APT28, FANCYBEAR) actively exploiting CVE-2023-23397 to provide secret, unauthorized access to email accounts within Exchange servers: msft.it/6018iPOLm

Practical Windows Forensics Cheat Sheet! 🔥

Quick reminder that you can find the cheat sheet of our Practical Windows Forensics course for FREE on Github: github.com/bluecapesecuri…

Furthermore, the full course is now available including in-browser labs! lnkd.in/gpS-ZSfa

OpenAI is nothing without its people

A weaponized #MicrosoftWord doc disguised as talking points to support Ukraine entry into #NATO was employed by pro-Russian APT #Storm -0978. In this article, we analyze the complex exploit chain used — and reveal #CVE202336584 — a new vulnerability. bit.ly/3QTuNze

Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims.

Learn how to spot the signs and protect yourself from credential theft.

Read: thehackernews.com/2023/11/how-mu…

#cybersecurity #hacking #infosec

Suspicious #GitHub accounts, #crypto theft, new #malware families and fake jobs — tracking two campaigns linked to North Korean threat actors has uncovered a complex web we detail in full. Read now: bit.ly/3MRYLRT

Tip: Made a little bookmark that will color highlight any keyword of interest on any webpage. Think of it as CTRL+F plus. Useful for getting a quick overview of certain keywords appear on the page you are researching.
Download and usage instructions here: github.com/Dutchosintguy/……

FBI: Ransomware gangs hack casinos via 3rd party gaming vendors - Bill Toulas
bleepingcomputer.com/news/security/…

bleepingcomputer.com/news/security/…

MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel
deepinstinct.com/blog/muddyc2go…

🚨Alert🚨QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices
CVE-2023-23368 CVSS score:9.8
CVE-2023-23369 CVSS score:9.0

Hunter: hunter.how/list?searchVal…

Dorks👇👇👇
FOFA : app='QNAP-NAS'
SHODAN: os:'QTS'
📰Refer to thehackernews.com/2023/11/qnap-r…
#infosec #Infosys

Linux and access permissions - Excellent post => Clear diagram for easy understanding 👇👇👇👇

Very nice post for OSINT lovers like me 😅👇👇👇

How I Hacked 1000 + Tesla Cars using OSINT | by Harish SG | Oct, 2023 | InfoSec Write-ups infosecwriteups.com/how-i-hacked-1…

Reverse engineering of USB flash drives with AES hardware encryption
Credits Matthias Deeg

blog.syss.com/posts/hacking-…
blog.syss.com/posts/hacking-…

#embedded #hardware #infosec #cybersecurity

Smart contract vulnerabilities 🧵

#infosec #cybersec #bugbountytips

Very interesting reading on reverse engineering and fuzzing the Starlink's User Terminal runtime internals
Credits Carlo Ramponi (quarkslab)

blog.quarkslab.com//starlink.html

#starlink #cybersecurity