🆕 Last week's #CobaltStrike #beacon configs and Team Servers are out now 👇 github.com/IronNetCyberse… Insights from our Cobalt Strike dashboard 🔍

========= Master XSS ========= Share this with your friends 😀 Tags: #cybersecurity #hacking #bugbounty #xss #masterXSS #infosec #offsec #labs Check :🧵0/n 👇

Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine | One of the ways Cobalt Strike operators obfuscate communications between a beacon planted on a victim system and the C2 server is through the use of a malleable profile. ironnet.com/blog/tracking-… IronNet Threat Research

At the beginning of May, IronNet’s Threat Research Team discovered a #cyberattack campaign by MUMMY SPIDER and #Emotet designed to test TTPs for future campaigns. Read more about our findings here ⤵️ ironnet.com/blog/detecting…

This is so disappointing.

Ridiculous vulnerability disclosure process with CrowdStrike Falcon Sensor modzero.com/modlog/archive…

For LastPass folks: blog.lastpass.com/2022/08/notice…

Pivoting off of one of the IPs in the TAG report, #IronNetTR found 6 other suspected HYPERSCRAPE servers associated with Iranian #APT35: 136.243.108[.]9 136.243.108[.]10 136.243.108[.]11 136.243.108[.]12 136.243.108[.]13 195.201.46[.]42

I'm excited to announce the release of #IronRadar! I’m incredibly proud of this team for the countless number of hours that they have put in to getting this over the finish line. Brett Fitzpatrick Peter Rydzynski Morgan Demboski Myl raymond lynch ironnet.com/news/ironnet-l…

This is stolen from the vx-underground GitHub malware collection. They moved some categories around - but this is it verbatim. You're welcome for the malware source code, nerds. That is years of hard work on our end collecting them and curating them.

2022 TOP Malware Families

From our #IronRadar collections, let’s take a look at some of the domains recently mentioned by Michael Rumple in their #RoyalRansomware post unit42.paloaltonetworks.com/royal-ransomwa… such as kasperslkyupdate[.]com and kasperskyupdates[.]com

Can you quickly tell which of the URLs below is legitimate and which one is a malicious phish that drops evil.exe? I walk through a few of the dangers of Google's new .zip TLD in my blog post here: medium.com/@bobbyrsec/the… Appreciate all the likes/retweets I've seen already!

📰 #IronRadar April Update 🎯 6 new detections (e.g. sliver: c2.http.listener) 📈 Stealc (+32%) Viper (+19%) 🕵️ Detected Bl00dy Ransomware Gang

Excited to present my first article with Sophos X-Ops! In this blog, we introduce a new initial access #malware campaign called Nitrogen that uses malvertising & impersonates popular software to compromise enterprise networks & drop #CobaltStrike news.sophos.com/en-us/2023/07/…

📰New blog is out discussing new Adload C2, the resurfacing of UpdateAgent, and more MacOS #Malware discovered by our threat hunters SneakyHedgehog and Austin Tippett in the 🍏Education Sector of IronDome Check it out ⤵️ ironnet.com/blog/back-to-s… #CollectiveDefense

Since October, we've not only seen an uptick in Akira #ransomware attacks, but also a new trend of Akira actors stealing data without deploying ransomware for extortion. Check out my latest article for more info on Akira's latest tactics ⤵️ news.sophos.com/en-us/2023/12/…

Still observing this as of today. Now using share[.]google for the initial redirect.