📢I recently investigated a campaign targeting the cryptocurrency industry. I wrote a detailed report that includes TTP, IOC and more. Here is a thread about this attack! 🧵👇 Microsoft Threat Intelligence @MicrosoftAU #infosec #cryptocurrency #threatintelligence #apt microsoft.com/en-us/security…

#APT32 #OceanLotus #Torii #APT #IoT C&C: top.haletteompson[.]com threatbook.io/domain/top.hal… eu-draytek[.]com threatbook.io/domain/eu-dray… #CyberAttack #Trojans #malware #threatintelligence #threatintelligence

Cybercrime (and Security) Predictions for 2023 thehackernews.com/2022/12/cyberc… via The Hacker News #cyberattacks #cybercrime

#APT #Gamaredon #threatintel #threatintelligence #ThreatHunting

enjoy. #threatintelligence

Oracle updated Critical Patch for CVE-2023-21839 #Vulnerability: oracle.com/security-alert…

1/ In 2022, ransomware attackers extorted at least $457M from victims, down from $766M the year before—a huge drop of 40.3%. In this blog, we break down this phenomenon and explore some key ransomware trends from the past year. 🧵bit.ly/3HcFjM7

ThreatBook captured two new lures of #SideWinder #APT aimed at Pakistan, titled "Overview of Flood Situation in Pakistan" and "Guidelines for Beacon Journal: 2023 Pakistan Navy War College (PNWC)." C2: mofs-gov.]org:threatbook.io/domain/mofs-go… sinacn[.co:threatbook.io/domain/sinacn.…

ThreatBook discovered a new #phishing gang with a certain scale that aims to target Universities, Governments, etc.  This gang registered a batch of domains for phishing purposes centrally in December 2022 and January 2023.  IOCs: threatbook.io/ip/103.143.159… threatbook.io/domain/ansteei…

Quick update on #APT29: discovering a parent sample of the previous one. filename: Instructions.html md5:68fd2c59b770ab7bef3c5dc8d2b43e94 drop file:Instructions.iso67a6774fbc01eb838db364d4aa946a98 domain intelligence: threatbook.io/domain/literat… #ThreatHunting #Threat #APT

New #C2 related to #APT #Donot was discovered from our cyberspace mapping. mfglogged[.]buzz Check it out: threatbook.io/domain/mfglogg… #threatintelligence

"Do you provide API access for community members?" 👊Sure thing. Community API will be available soon! We care about every piece of feedback from our members. Welcome to register an account to explore our #cyber #threat #intelligence at threatbook.io.

According to the data statistics on global ransomware monitoring in January by ThreatBook, we observed 18 ransomware-initiated 186 attack activities. Welcome to check out our special research on the Dual Trap of "#Royal #Ransomware" and "Encrypter": threatbook.io/blog/Unveiling…

An IOC associated with the #Sidewinder #APT was discovered on March 20, 2023. hope this sharing will be helpful for you and your organization's security team in further investigation or response. pak-govt[.]net threatbook.io/domain/pak-gov… #ThreatHunting #ThreatIntelligence

We discovered a New IOC related to #APT32 #OceanLotus: 185.82.126.4:8888 threatbook.io/ip/185.82.126.4 APT32 is known for using a variety of sophisticated hacking techniques, including custom malware, spear-phishing attacks, etc, to gain access to its targets' systems. #ThreatIntel

Our intelligence API is now out! It is easy to get the API key under your account to explore. If you love it, please keep sharing, recommend it to your friends. 😉😉😉 Here is our documentation: threatbook.io/api/ip-report Any questions, just DM ME! #threatintel #ThreatHunting

#threatintel #CTI Recently, we captured a batch of samples with the topic of the #OnlyFans platform video leaks. Attackers used pornographic images to lure users into executing Trojan files disguised as videos, suspected of stealing user #Facebook tokens. threatbook.io/blog/id/1087

We are excited to announce that we have launched a Free 30-day trial for our Premium API service! We would like to invite all ThreatBook CTI users to explore our comprehensive threat intelligence. Quick apply： threatbook.io/contactus?sour… #ThreatIntelligence #SOC #CTI