Finally published #ChartingTheIOCs - a blog post to: - help #SysAdmins defend their networks 🛡️ - explain how SarlackLab’s mapping works - … and share my wisdom (rant) on hunting #C2 servers medium.com/@the_abjuri5t/… Let us know what your thoughts are! #OneTeamOneFight

⚠️PSA: Curated Intel DFIR has noticed a new trend among Akira Ransomware cases in Summer 2024. For a while, Akira has been exploiting Cisco ASA devices. ➡️ They are now targeting SonicWall SSL-VPNs for access with no MFA (!) and weak passwords (!). Other TTPs remain the same 🔍

Hello Namecheap.com, These domains are used by Lumma stealer: https://teachherwjw[.]shop/api https://condedqpwqm[.]shop/api Sample: tria.ge/240907-yqxbrav… The domains are registered at Namecheap. Thanks!

Phishing FakeTech at https://porzopornpedia[.]online/004/index.html #Phishing #namecheap Namecheap.com

Hi Namecheap.com Can you check these domains (linked to Lumma Stealer) and registered at Namecheap: deepymouthi[.]sbs consumeroo[.]sbs ferrycheatyk[.]sbs captaitwik[.]sbs snailyeductyi[.]sbs monstourtu[.]sbs

🌟New report out today!🌟 Navigating Through The Fog Analysis and reporting completed by Angelo Violetti, and reviewed by Zach. Audio: Available on Spotify, Apple, YouTube and more! thedfirreport.com/2025/04/28/nav…

Phishing ABN AMRO at https://abnmroinvestments[.]com/nl/ #Phishing #namecheap Namecheap.com ABN AMRO

Hi Namecheap.com Can you check this #mythic c2 panel on https://159[.]198[.]36[.]237 urlscan.io/result/0199c48… See also: docs.mythic-c2.net/home

Hi Namecheap.com Can you check https://69[.]57[.]163[.]151/ #clickfix See: urlscan.io/result/019afe8…