Definitely worth it 🍜

Since the apparition of the #Interlock ransomware, the Sekoia #TDR team observed its operators evolving, improving their toolset (#LummaStealer #BerserkStealer), and leveraging new techniques such as #ClickFix to deploy the ransomware payload. blog.sekoia.io/interlock-rans…

I’m so proud on all the folks at XINTRA - They work incredibly hard to put out quality content! If you’re looking for useful courses or training. Xintra is a great choice!

Introducing 🚀Eventlog Compendium 🚀 A new Streamlit app, that aims to be the go-to resource for understanding and playing with Windows Event Logs. Explore it 👉 eventlog-compendium.streamlit.app Includes the following utilities and docs ⚙️ Build your own Advanced Audit Policy based on

This is really bad. We’re not talking home users or mom-and-pop shops here - the systems affected are the backbone of major companies and orgs. People started scanning for helper.jsp and cache.jsp and found almost 600 compromised servers within hours. Big names among them. Tried

Check this out! #APT34 XINTRA

😂👀

🫶🏻

Fortinet dropped an APT34 report just days after we launched our APT34/OilRig lab: fortinet.com/content/dam/fo… Our emulation covers the exact TTPs: ✔️ Kernel elevation ✔️ Malicious JS payloads ✔️ Password Filter DLL ✔️ In-memory keyloggers Try it yourself 👉

Unit 42 researchers uncovered a Lampion malware campaign targeting Portuguese government, finance & transport sectors. The threat actor aims to steal sensitive banking info, has impacted dozens of organizations & now has added ClickFix lures to its arsenal unit42.paloaltonetworks.com/lampion-malwar…

👀

The Active Directory Project 2.0 is fully released! For those wanting to get some hands on practice, feel free to follow along and learn how to setup your own AD/Splunk environment and create an automation & response workflow in Shuffle. Cybersecurity Project: Active Directory

🍽️

🌟New report out today!🌟 Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware Analysis and reporting completed by @pcsc0ut.bsky.social, @irishdeath.bsky.social & Tornado 🔊Audio: Available on Spotify, Apple, YouTube and more! thedfirreport.com/2025/05/19/ano…

AMAZING keynote coming up at the SANS Institute | SANS DFIR #RansomwareSummit 2025! The DFIR Report's Pete & Angelo Violetti are presenting "Adapting Tradecraft: Examining #Ransomware Attacks in 2024 - Insights from The DFIR Report"! FREE reg @: sans.org/u/1yCa

BSides Pyongyang when??? The North Korean Computer Emergency Response Team

Classic #ransomhub execution baked into the encryptor itself. Check out the latest report here and learn how that exposed RDP on your network can trigger a massive ransomware attack. #dfir thedfirreport.com/2025/06/30/hid… The DFIR Report

Become a contributor at XINTRA XINTRA 🔎 We're looking for RED and BLUE team contributors 🔴Red Team – Emulate real APT groups 🔵Blue Team – Investigate & respond to emulations What you get: - Challenging, realistic emulations - Hack & forensicate vendor devices -

Fantastic project that can be used to visualize your SOD!! Great stuff Jinto Antony! 🔥