Intel-Ops (@intel_ops_io) 's Twitter Profile

Adversary Infrastructure Hunting & Training
Curated Threat Intelligence Feed (Coming Soon)

intel-ops.io
medium.com/@Intel_Ops

Link: https://academy.intel-ops.io/courses/hunting-adversary-infra
Joined: 18-01-2024 20:17:21

113 Tweets
2.2K Followers
4 Following

Validin (@validinllc):

New feature now available to premium AND community users! Per popular request, Validin now supports pivoting of certificate SHA256 hashes in addition to SHA1. This pivot makes it easier to continue searches from or on other platforms that favor SHA256.
Michael Koczwara (@michalkoczwara):

This one is a good example of how infrastructure is reused by different actors. 216.189.159[.]34 - BianLian Ransomware💰 216.189.159[.]34 - North Korean APT 🇰🇵 Intel-Ops

Michael Koczwara (@michalkoczwara):

Cybersecurity "experts" be like... APTs in 2024 will be using Artificial Intelligence to create undetectable malware, payloads, zero-day exploits, cyber weapons, and probably some cyber nuclear bombs too🥱

Meanwhile, APTs (Muddy Water 🇮🇷) in 2024 🙃
Michael Koczwara (@michalkoczwara):

We are pleased to announce a new partnership between Intel-Ops and Hunt.io🤝

This partnership will provide all current and new IntelOps students with access to the Hunt.io platform.

Students will learn to use the platform effectively for exploring new
Michael Koczwara (@michalkoczwara):

APT43/Kimsuky (Black Banshee)🇰🇵
Intel-Ops (@intel_ops_io):

Interesting recently created (2024-05-22) domain impersonating GE HealthCare.

Resolving to 46.101.212[.]131, running #CobaltStrike server.

Using Hunt.io we can see:
➡️the DNS record,
➡️Hoster: DigitalOcean,
➡️Watermark: 987654321 (cracked version).