#threatintel

Latest posts tagged with #threatintel on Bluesky


U.S. Treasury Sanctions Entities Linked to $800 Million North Korean Crypto Heist - Falcon News

Sanctions? After $800M is gone? Brilliant strategy. 🔥

Smart money tracks the money BEFORE it vanishes.

Real ones know the drill: verify, then ape. That bot everyone whispers about? Yeah, that one. Use it.

🔗 news.falconcyber.online/en/news/20260314-12e2c35...
#crypto #OSINT #threatintel

CyberAv3ngers IRGC-CEC Affiliated ICS/OT Advanced Persistent Threat Modus Operandi Analysis INTRODUCTION

Latest Threat Profile on the dangerous CyberAv3ngers. #iran #cybersecurity #ThreatIntel #cyberattacks

CyberAv3ngers IRGC-CEC Affiliated ICS/OT Advanced Persistent Threat Modus Operandi Analysis open.substack.com/pub/cyberwar...


Revenue: $0. Customers: 18. IOCs: 1,009,231. Epstein docs: 400,713. Blog posts: 685.

Not retired. But the snake is definitely eating.

Full post: www.dugganusa.com/post/pi-day-the-snake-eats-its-tail

#cybersecurity #threatintel #AIPM


All 23 IOCs are live in our free STIX feed and OPNsense blocklists. 1,009,231 indicators and counting.

Search any of them: analytics.dugganusa.com/epstein/

Register for API access: epstein.dugganusa.com/register

#STIX #OPNsense #threatintel


Pi Day Threat Intel Drop: 23 IOCs indexed in 60 seconds.

9 Chinese military espionage C2 IPs (CL-STA-1087). 7 malware hashes. AppleChris + MemFun backdoors targeting SE Asian military.

Source: Unit 42. Now in our STIX feed + OPNsense blocklists.

#threatintel #cybersecurity


For all the unrelated (with varying degrees of validity) screeching, this is one hell of an oopsie by Companies House:

https://x.com/DanNeidle/status/2032506756786511908

#threatintel, #ukplcltd


I'll add more information on my blog this weekend, but reckoned what with the recent filestamps and lack of VT detections, I should put this out sooner rather than later. MSI upload to VT in progress.
#malware #threatintel #soceng

Malicious Packagist Themes Ship FUNNULL Malware

~Socket~
Six malicious Packagist themes deploy trojanized jQuery to exfiltrate URLs and redirect to FUNNULL infrastructure.
-
IOCs: union. macoms. la, userstat. net, 23. 225. 52. 67
-
#Malware #PHP #SupplyChain #ThreatIntel

Geopolitical Cyberthreat Surge

~Akamai~
Akamai reports a 245% spike in cyberattacks targeting global critical sectors amid 2026 geopolitical conflicts, with Handala claiming data-wiping attacks.
-
IOCs: (None identified)
-
#CyberSecurity #Hacktivism #ThreatIntel

AI in Vulnerability Discovery

~Akamai~
AI-generated false positives are overwhelming bug bounty programs and CVE databases, requiring strict human oversight.
-
IOCs: (None identified)
-
#AI #BugBounty #ThreatIntel

Iranian Threat Actor Initial Access TTPs

~Sophos~
Iranian threat groups favor phishing, password spraying, RMM abuse, and exploiting public vulnerabilities for initial access.
-
IOCs: CVE-2021-44228, CVE-2021-34473, CVE-2018-13379
-
#Iran #TTPs #ThreatIntel

March Patch Tuesday

~Sophos~
Microsoft patched 84 CVEs, including 8 Critical flaws and 2 publicly disclosed issues.
-
IOCs: CVE-2026-21536, CVE-2026-21262, CVE-2026-23668
-
#PatchTuesday #ThreatIntel #Vulnerability

CISA Adds 2 Flaws to KEV Catalog

~Cisa~
CISA added two actively exploited Google vulnerabilities (Skia and Chromium V8) to its KEV catalog, urging immediate patching.
-
IOCs: CVE-2026-3909, CVE-2026-3910
-
#CISA #KEV #ThreatIntel

GitHub - spmedia/Threat-Actor-Usernames-Scrape: A collection of intel and usernames scraped from various cybercrime sources & forums. DarkForums, HackForums, Patched, Cracked, BreachForums, LeakBase, XSS, Dread, & more

500k+ threat actor usernames atm and quickly growing.

Should be able to hit 1M+ in 2026 :)

#cti #threatintel #osint #infosec #cybersecurity #hacking #threatactors #usernames #darkforums #hackforums #dread #oguser #xss #darknetarmy #ogu #leakbase #breachstars

github.com/spmedia/Thre...

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle East conflict.

Iran-linked MuddyWater hackers are deploying a new Dindoor backdoor targeting sectors like banking, aviation, and software.

Nation-state cyber campaigns increasingly touch private companies too.

thehackernews.com/2026/03/iran...

#CyberSecurity #ThreatIntel #APT

Hive0163 Uses AI Malware For Ransomware
Read More: buff.ly/BMLssgq

#Hive0163 #Slopoly #AIgeneratedMalware #RansomwareThreat #LLMAbuse #CyberExtortion #ThreatIntel #Infosec

RSAC 2026: Akamai on AI Security

~Akamai~
Akamai highlights the shift toward AI-driven threats and the need for Zero Trust frameworks ahead of RSAC 2026.
-
IOCs: (None identified)
-
#AISecurity #RSAC2026 #ThreatIntel

XWorm RAT Dominates the Malware-as-a-Service Landscape with 174% Increase in Detections The XWorm RAT dominates the malware-as-a-service market, utilizing stealthy memory-only execution to bypass enterprise cybersecurity defenses.

Read the full analysis:
www.technadu.com/xworm-rat-do...

💬 What strategies should security teams adopt to detect malware that operates primarily in memory?
#Cybersecurity #Malware #Infosec #ThreatIntel #MaaS

Moving up the Assemblyline: Exposing malicious code in browser extensions How to use the open source Assemblyline tool to track browser extension updates and detect malicious code

Originally from Red Canary: Moving up the Assemblyline: Exposing malicious code in browser extensions ( :-{ı▓ #threatintel #redcanary #cyberresearch

Original post on swecyb.com

There are a lot of articles and discussions concerning the Handala Hack Team, and especially the recent attack on Stryker.

Multiple articles have been published regarding this threat actor and I have put together a "Threat Actor Profile" for Handala. It's as always reasonably well attributed to […]

One infostealer infection exposed a massive cyber operation.
• DPRK-linked actor inside crypto exchange
• Linked to Polyfill. io attack (100K+ sites)
• Automated crypto laundering
• Espionage targeting research infrastructure
Follow TechNadu for cybersecurity news
#CyberSecurity #ThreatIntel #InfoSec

China-Nexus Actor Targets Persian Gulf

~Zscaler~
A China-nexus group, likely Mustang Panda, is using Middle East conflict lures to deploy the PlugX backdoor in the Persian Gulf.
-
IOCs: 91. 193. 17. 117, www. 360printsol. com
-
#MustangPanda #PlugX #ThreatIntel

China-Linked Espionage Targets SE Asia Military

~Paloalto~
Suspected Chinese state actors (CL-STA-1087) are targeting SE Asian military entities using custom AppleChris and MemFun backdoors.
-
IOCs: 154. 39. 142. 177, 154. 39. 137. 203, 8. 212. 169. 27
-
#APT #Malware #ThreatIntel

LockBit got Cronos’d. BlackCat caught a DOJ wrench to the teeth. Cl0p is still hanging around the enterprise software aisle like it owns the place. So… is it really next, or are we just recycling takedown fan fiction? 🧨👀📉

Read: blog.alphahunt.io/forecast-upd...

#AlphaHunt #Ransomware #ThreatIntel

Public permit data is now phishing fuel. 

Attackers are impersonating local US officials to demand fake fees. 

Learn more: fablesecurity.com/resources/bl...

#Cybersecurity #Phishing #Fraud #ThreatIntel #HumanRisk

Not every breach headline needs an all-staff alert.

The Stryker incident is a good reminder to brief with facts, not fear… because we don’t HAVE facts yet.

#Cybersecurity #ThreatIntel #SecurityAwareness #HumanRisk

fablesecurity.com/resources/bl...

Economics of Cybercrime-as-a-Service

~Withsecure~
CaaS evolves with IABs selling live session tokens, AI-driven malware like LAMEHUG, and a shift toward data exfiltration.
-
IOCs: LAMEHUG
-
#CaaS #Malware #ThreatIntel

Storm-2561 Fake VPN Campaign

~Microsoft~
Storm-2561 uses SEO poisoning to push fake VPN clients, deploying Hyrax malware to steal credentials.
-
IOCs: 194. 76. 226. 93, vpn-fortinet. com, ivanti-vpn. org
-
#Phishing #Storm2561 #ThreatIntel

Iran-Linked Hackers Hit Albania Parliament
Read More: buff.ly/EAyswwn

#AlbaniaCyber #HomelandJustice #IranCyber #GovernmentBreach #DataWiper #GeopoliticalCyber #ParliamentHack #ThreatIntel

Pro-Iran hackers reportedly disrupted global systems at medical device giant Stryker, impacting its environment and thousands of employees. Reminder that geopolitical tensions increasingly play out inside your networks.

www.cnn.com/2026/03/11/p...

#CyberSecurity #ThreatIntel
