The #SavvySeahorse threat actor initially reported by Infoblox in February has used CNAME records for their TDS in over 2,000 domains (and at least 80,000 FQDNs). Validin's PDNS database makes this detection trivial.

2,143 domains here:
pastebin.com/pza2BkRF

#belarus #kgb got hacked by Belarusian Cyber-Partisans. The KGB website is down for 2months. KGB database leaked on our tg channel t.me/cpartisans_by/…

OPEN SECRET: the same legislators & officials calling on companies to weaken encryption...

...are avid Signal users.

So are the staffers that write their bills.

Because, despite what they say, they can't do their jobs without the privacy protections of strong encryption.

Seems Sekoia.io sinkholed a #PlugX C2 and observed around 100.000 devices from 127 countries connecting.
Good job on this investigation 👍
blog.sekoia.io/unplugging-plu…

❗ Researchers at Spamhaus have identified an abuse problem for Internet Backbone and Colocation Provider, Hurricane Electric (Hurricane Electric) relating to AS394711, allocated to New Hampshire-based Limenet LLC.

Spamhaus currently assesses that Limenet is a bulletproof hosting operation;

⚠️ Cisco ASA & FTD Zero Day Vulnerabilities are now tracked as CVE-2024-20353 and CVE-2024-20359

sec.cloudapps.cisco.com/security/cente…

Hey ., sorry to disappoint but I am not going to help you hack #Halopesa Tanzania.
You should have flirted instead 😒🤣

cc:
Viettel Global
Viettel Group
VIETTEL CORPORATION

We expand a single domain reported by the FBI as part of a recent toll road smishing campaign into hundreds of phishing campaigns, including dozens related to 'unpaid toll' smishing scams.

Check out our latest blog post here:
validin.com/blog/hunting-f…

The United States FTC has banned non-compete agreements. We look forward to all of you creating a cyber security startup

ftc.gov/news-events/ne…

Maybe useful to some out here. No passwords shown, but domains of victim login data given.

Example search: .gov

Today Avast unveiled 'GuptiMiner'.

tl;dr eScan AV, out of India, used HTTP for AV updates, not HTTPS, North Korea man-in-the-middle'd updates to large networks to deliver malware

We give this APT campaign an A+ because it's absurdly well executed

decoded.avast.io/janrubin/gupti…

Yeah, commercial spyware and non-restricted government surveillance is definetly no issue...