❗Together with the Military Counterintelligence Service we've detected an ongoing espionage campaign linked to the APT29/NOBELIUM group. We're publishing detailed technical analysis of their latest tools, mostly never publicly described before. Read more: gov.pl/web/baza-wiedz…

From our #IronRadar collections, let’s take a look at some of the domains recently mentioned by Michael Rumple in their #RoyalRansomware post unit42.paloaltonetworks.com/royal-ransomwa… such as kasperslkyupdate[.]com and kasperskyupdates[.]com

#TrueBot is indeed back! First reported by Group-IB: x.com/GroupIB_TI/sta… #IronRadar is tracking active c2.http.listener(s): 45.182.189.91:80 45.182.189.91:443 45.227.253.100:80 Silence: attack.mitre.org/groups/G0091/

📰 #IronRadar April Update 🎯 6 new detections (e.g. sliver: c2.http.listener) 📈 Stealc (+32%) Viper (+19%) 🕵️ Detected Bl00dy Ransomware Gang

oof you know it's bad when you have to replace the appliance

Really exciting to see other brands parter with Tesla to adopt NACS and to utilize the supercharging network! The other charging networks just cannot compete. Who’s next? 🔌

📰 #IronRadar May Update 🎯 10 new detections (e.g. #Havoc: c2.http.listener) 📈 #Qakbot (+72%) #DcRat (+66%) 🕵️ Detected Black Basta & ALPHV #threatintel

#IronRadar has been tracking 44 indicators of #c2 🕹️infra observed internally and through public reporting leading to #ALPHV/#BlackCat #ransomware. Let's take a look at how we got here via our research below with IOCs on GitHub ⬇️

👏It’s really amazing to see all of the work that the Filigran team has put into OpenCTI over the past few years and to see the community of connectors grow. If you're looking to change TIPs, check them out: github.com/OpenCTI-Platfo… Check out our latest connector update ⤵️

All of JA4+ in Wireshark! The JA4+ Plugin is now available! github.com/FoxIO-LLC/ja4/…

I mean… he’s not wrong 🤷‍♂️

After infiltrating LockBit's systems, we gathered a lot of information about their criminal activity and those who worked with them. Including their network of 194 hackers or 'affiliates' who we'll be in touch with very soon. Until then, we hope they have a nice day 🙂 #Cronos

A leader of what was once the world’s most harmful cyber crime group has been unmasked and sanctioned by the UK, US and Australia, following an NCA-led international disruption campaign. #Cronos FBI Europol Full story ➡️ nationalcrimeagency.gov.uk/news/lockbit-l…

Mechazilla has caught the Super Heavy booster!