POKÉMANIAC SIPH wants to fight! @Siphonay

1 post1 participant0 posts today

FunesYo <a href="https://infosec.exchange/tags/HijackLoader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HijackLoader</a> to <a href="https://infosec.exchange/tags/RedLineStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedLineStealer</a> incidents all over the place today. Make sure you're blocking 92.255.85[.]36 at the fw and bitly[.]cx unless you need to use that specific url shortening service for some strange reason.<a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/iocs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iocs</a>

Infoblox Threat IntelThe banking trojan, Octo2, now employs a Domain Generation Algorithm (DGA)! The new variant of the Octo (ExobotCompact) banking trojan, Octo2, is targeting mobile users with several new advanced features. This malware is known for disguising itself as legitimate apps, taking control of the victim’s device to steal sensitive information and commit on-device fraud. For now, the malware has been seen in the wild in Italy, Poland, Moldova, and Hungary, masquerading as apps like NordVPN and Google Chrome. Unfortunately, given its history, it is expected to become global soon. This new variant, investigated by ThreatFabric, features enhanced functionalities, including a Domain Generation Algorithm (DGA) that dynamically changes its command-and-control (C2) server addresses, making it significantly harder to detect. Here are some domains associated with this new variant that we have in our collection: 5106c5dbc9e0d004489af35abec41027[.]info 7729f264dc01834757c9f06f2d313e28[.]com a414602e421935fd057be3c06a3d080c[.]info 53cd7bfaebd095ad083c34f007469ff5[.]biz 5fa5009fb05a5cee1abd7a2dbb6eb948[.]net 8921267492331aabcb4394c801d4e490[.]shop bbad1dcadd801af41da97ecf292b147f[.]xyz c80530d100da2e953c21c55d7cb4b86a[.]info ffce9e39ccdfbe3f1e88806545321ad7[.]org ThreatFabric report: <a href="https://www.threatfabric.com/blogs/octo2-european-banks-already-under-attack-by-new-malware-variant" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.threatfabric.com/blogs/octo2-european-banks-already-under-attack-by-new-malware-variant</a><a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dns</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/InfobloxThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfobloxThreatIntel</a> <a href="https://infosec.exchange/tags/Infoblox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infoblox</a> <a href="https://infosec.exchange/tags/Octo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Octo</a> <a href="https://infosec.exchange/tags/Octo2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Octo2</a> <a href="https://infosec.exchange/tags/ExobotCompact" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ExobotCompact</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOCs</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybercrime</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/dga" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dga</a> <a href="https://infosec.exchange/tags/c2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#c2</a> <a href="https://infosec.exchange/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a>

Nnubes256Hello infosec.exchange! Here's an <a href="https://infosec.exchange/tags/introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#introduction</a>. I am currently an <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> student on <a href="https://infosec.exchange/tags/europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europe</a> starting research on <a href="https://infosec.exchange/tags/obd2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#obd2</a> dongles, but sometimes I also do <a href="https://infosec.exchange/tags/threathunting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threathunting</a>, <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> and <a href="https://infosec.exchange/tags/ctf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ctf</a> for the thrill.I wanna use this account to talk and ask questions to the wider community. I may also share <a href="https://infosec.exchange/tags/iocs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iocs</a> of ongoing campaigns from time to time. I also have a main account (<a href="https://mas.to/@Nnubes256" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Nnubes256@mas.to</a>) for more general stuff; I'm just moving my <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> presence where the action is :D

log4jmI've been enjoying infosec.exchange for the last month or so but have been putting off an <a href="https://infosec.exchange/tags/Introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Introduction</a> because I'm awkward and anxious (<a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> am I right?). I feel more comfortable talking about my cat than myself or my work on social media, so you'll probably mostly see him amongst my boosts and replies. He's a little hacker who tricks me into FaceID unlocking my iPad for him or hides my pouch of physical security keys to remind me not to be careless with them.See how I just went on about the cat? Yeah... I feel imposter syndrome about belonging in <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a>. I'm an IT <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> and <a href="https://infosec.exchange/tags/operations" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#operations</a> focused <a href="https://infosec.exchange/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SysAdmin</a> (<a href="https://infosec.exchange/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BlueTeam</a>) whose been fascinated/working with computers since I was 3, and have been doing it professionally for over 10 years now. Does that make me <a href="https://infosec.exchange/tags/SecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecOps</a>? I honestly don't know. I love this community though and want to make an effort to share what I do know more often besides the cat pics or conversations or boosting <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a> and news I think to share.If I had to sum up in a few hashtags and such, I know securing <a href="https://infosec.exchange/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> and <a href="https://infosec.exchange/tags/ActiveDirectory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ActiveDirectory</a> best but I use/protect <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> and <a href="https://infosec.exchange/tags/macOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#macOS</a> if you'll forgive me for using <a href="https://infosec.exchange/tags/PowerShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerShell</a> there too. I love <a href="https://infosec.exchange/tags/scripting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#scripting</a> and <a href="https://infosec.exchange/tags/automation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#automation</a>, the <a href="https://infosec.exchange/tags/OSINT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSINT</a> and <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a> and <a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOCs</a> we share, <a href="https://infosec.exchange/tags/infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infrastructure</a> and <a href="https://infosec.exchange/tags/firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#firewall</a> stuff, <a href="https://infosec.exchange/tags/logging" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#logging</a> and <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DFIR</a>, and reading/writing reports just as much as code. I'm not super passionate about the <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> but that's not a hill I'd die on and <a href="https://infosec.exchange/tags/Azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Azure</a> is pretty cool.Did I mention I have one of the best <a href="https://infosec.exchange/tags/CatsOfInfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CatsOfInfoSec</a> ever?Anyway, "it's me, hi!"

Lesley Carhart :unverified:I think we really need to agree on one or two clear, deconflicted hashtags for technical <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> alerts and <a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOCs</a> given the lack of string search and algorithm.

Recent searches

Search options

Administered by:

Server stats:

#iocs