Wanna join the team?

proofpoint.wd5.myworkdayjobs.com/en-US/Proofpoi…

Day to day:
Write intrusion detection rules for the Snort and Suricata platforms

Answer support questions about rule guidance and false positives

Work with the open source community to maintain and optimize the ETOpen ruleset

Some fresh encoded #formbook in an #opendir at:

http://dianomefs .cfd/Ajai/

From IcedID to Dagon Locker Ransomware in 29 Days

🌟Analysis & reporting completed by Renzon, Angelo Violetti & UC1

🎵Audio: Available on Spotify, Apple, YouTube and more!

🏹Services: thedfirreport.com/services/

📚Report: thedfirreport.com/2024/04/29/fro…

If you've been monitoring that #phorpiex 'Your Document' with document\.zip from Jenny @ gsd . com, it's now dropping #lockbit hosted at:

http:// 193.233 .132 .177/lbb.exe

app.any.run/tasks/206f3ae9…

Come join the hunt! Looking for a Senior threat Hunter in the UK
careers.dragos.com/jobs/2059?lang…

#redditdown

'Sharpil RAT/SL RAT' (but really #echelon )

app.any.run/tasks/52ceb9e9…

Regarding change control, does a reboot of a device constitute a change?

Have Elastic and security experience? Why not work with me in protecting Thought Machine against threats! Apply below, DMs open - thoughtmachine.avature.net/careers/JobDet…

Hello everyone! If you remember - 3 weeks ago I twitted twitter.com/naumovax/statu… about the interesting infection chain 🧐
Today I and my teammate posted great research about the #SteganoAmor campaign of #TA558 mass-attacking all around the world 🌐⬇️
ptsecurity.com/ww-en/analytic…

Crazy world we live in..

Microsoft: Free updates for the life of the OS!

Ubuntu: Pay us or you don't get an update for ntp (widely used on the perimeter).

🤷

(yes, I'm aware about the 5 free)

A Snap tale in four parts 🙃🤷‍♂️

Useful blog post for beginners approaching ghidra for the first time by Omar

byte.how/posts/what-are…

#ghidra #cybersecurity

Some fresh #rustystealer :

app.any.run/tasks/12ebfc62…

Dear Reddit

The new interface change is ghastly. That is all.

Linux forensic cheatsheet

fareedfauzi.github.io/2024/03/29/Lin…

Protip: Probably time to drop cloudflare-ipfs . com at the perimeter/proxy level.

A (late again :( ) csv formatted list of #malspam campaigns that crossed my path in March to include subjects, malware, hashes, c2's, and email exfil addresses. Side note; #phorpiex campaign at 35K+ is the largest I've seen and ongoing:

gist.github.com/silence-is-bes…

#retrohunt

More #hagga via booking . com #malspam pdf -> js -> #originlogger

app.any.run/tasks/6e0e4947…

🚨New research reveals a cyber espionage campaign targeting Indian government, including agencies responsible for electronic communications, IT governance, and national defense. Full details on the tactics and implications are here: blog.eclecticiq.com/operation-flig… #CyberSecurity #Malware