CTI Labs 🧪 (@ctilabs) 's Twitter Profile
CTI Labs 🧪

@ctilabs

🔍 Cyber Threat Intelligence | OSINT | Dark Web | APT | ICS | Stay updated with latest feeds, tools and insights.

ID: 1652365960341344256

29-04-2023 17:36:02

642 Tweets

185 Followers

601 Following


🚨 Horns & Hooves Campaign Delivers NetSupport RAT 🚨

A new phishing campaign, dubbed "Horns & Hooves," is targeting users with malicious scripts disguised as business documents. Here's what you need to know:

🔑 Key Details:
- Campaign active since March 2023, targeting

🚨 Kimsuky APT Group's Phishing Campaign Analysis 🚨

The Kimsuky group, a North Korea-linked APT, continues to target South Korean organizations with phishing campaigns. Here's what you need to know:

🔑 Key Details:
- Targets: Researchers, government, and related

🚨 AgentTesla Returns with Updated Loader & Advanced Encryption 🚨

The infamous **AgentTesla** infostealer is back, with attackers refining their techniques after a failed campaign. Here's what you need to know:

🔑 Key Details:
- Initial attack failed due to a missing

🚨 SmokeLoader Targets Companies in Taiwan 🚨

A sophisticated phishing campaign using **SmokeLoader** malware has been observed targeting industries in Taiwan, including manufacturing, healthcare, and IT. Here's what you need to know:

🔑 Key Details:
- **Delivery

🚨 RevC2 & Venom Loader Campaigns Unveiled 🚨

Zscaler ThreatLabz has uncovered two new malware families, **RevC2** and **Venom Loader**, used in sophisticated campaigns by the Venom Spider group. Here's what you need to know:

🔑 Key Details:
- **RevC2**: A backdoor using

🚨 Threat Assessment: Howling Scorpius (Akira Ransomware) 🚨

The **Howling Scorpius** group, behind the Akira ransomware, is among the top 5 most active ransomware groups. Here's what you need to know:

🔑 Key Details:
- **Double Extortion**: Exfiltrates data before

🚨 New Andromeda/Gamarue C2 Cluster Discovered 🚨

Cybereason has uncovered a new cluster of Andromeda/Gamarue C2 servers targeting manufacturing and logistics companies in the APAC region. Here's what you need to know:

🔑 Key Details:
- Target: APAC manufacturing and

🚨 November 2024: Security Issues in the Financial Industry 🚨

AhnLab's latest report highlights major cyber threats targeting the financial sector in South Korea and globally. Here's a breakdown:

🔑 Key Threats:
- Database leaks:  
  - Hungarian bank OT*** data leaked on

🚨 Russian Programmer Wanted by FBI to Stand Trial in Kaliningrad 🚨

A programmer accused of creating ransomware is set to face trial in Kaliningrad. Here's what we know:

🔑 Key Details:
- The accused, identified as Mikhail Matveev, is wanted by the FBI, which has offered

🚨 Operation Destabilise: NCA Disrupts Multi-Billion Russian Money Laundering Networks 🚨

The National Crime Agency (NCA) has dismantled Russian money laundering networks linked to drugs, ransomware, and espionage. Here's what you need to know:

🔑 Key Details:
- Two

🚨 Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks 🚨

A joint advisory from Australia, Canada, New Zealand, and the U.S. highlights a cyber espionage campaign by **PRC-backed Salt Typhoon** targeting telecom providers. Here's what you need to

🚨 Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware 🚨

The Black Basta ransomware group has launched a new social engineering campaign with updated tactics and malware payloads. Here's what you need to know:

🔑 Key Details:
- Initial access: Email

🚨 From a Regular Infostealer to an Obfuscated Version 🚨

A new analysis reveals how attackers are using advanced obfuscation techniques to bypass security controls and make malware analysis more challenging. Here's what you need to know:

🔑 Key Details:
- Malware:

🚨 Phishing Malware Impersonating the National Tax Service (NTS) 🚨

AhnLab has observed a surge in phishing emails impersonating the National Tax Service (NTS), especially during tax filing periods. Here's what you need to know:

🔑 Key Details:
- Delivery methods:  
  1.

🚨 C2 in Browser Isolation Environments: A Novel Attack Technique 🚨

Mandiant has uncovered a new method to bypass browser isolation technologies using QR codes for command-and-control (C2). Here's what you need to know:

🔑 Key Details:
- **Browser Isolation Types**:

🚨 Threat Actor Targets Manufacturing Industry with Lumma Stealer & Amadey Bot 🚨

Cyble has uncovered a sophisticated campaign targeting the manufacturing sector. Here's what you need to know:

🔑 Key Details:
- Attack starts with a malicious LNK file disguised as a PDF,

🚨 VPN Exploitation in SaaS Environments: Darktrace Detection 🚨

Darktrace uncovered a phishing attack leveraging VPNs to exploit SaaS environments. Here's what happened:

🔑 Key Details:
- Attack began with a phishing email compromising an internal account.  
- Threat

🚨 The Growing Threat of DocuSign Phishing Attacks 🚨

Cado Security Labs has identified a spearphishing campaign targeting tech executives using fake DocuSign emails. Here's what you need to know:

🔑 Key Details:
- Attackers mimic DocuSign branding to trick users into

🚨 Payroll Pirates: HR Phishing Campaign Targets Payroll Systems 🚨

Silent Push has uncovered a phishing campaign, dubbed "Payroll Pirates," targeting HR payroll systems to redirect employee funds. Here's what you need to know:

🔑 Key Details:
- Attackers use phishing

🚨 German Authorities Shut Down Crimenetwork, Germany's Largest Crime Marketplace 🚨

German authorities have dismantled Crimenetwork, a major online crime marketplace. Here's what you need to know:

🔑 Key Details:
- Crimenetwork was a hub for illegal activities, including