[Threatview.io] ⚡ Our Oneview Platform provides an active view of the C2 activity pattern for all major high-impact C2 infrastructure, giving defenders additional context
✉️ Email us to experience it yourself
⚙️ MCP Support available
#threatintel #ransomware
We identified a new DPRK (North Korea)-linked malware in npm: terminal-logger-utils.
The user who uploaded the malware also uploaded a similarly named npm package, terminal-logger, last month, which was classified as DPRK malware.
The malware downloads a 2nd-stage payload matching the current OS. That payload is a Node-packaged executable with JavaScript code inside, implementing full RAT behaviour and information-stealing logic that targets crypto, cloud credentials, environment variables, SSH keys and anything else it can get its hands on.
The malware also has three dependent packages that import it, which causes direct execution on the machine:
- pretty-logger-utils
- ts-logger-pack
- pinno-loggers
Read the full research:
ox.security/blog/north-korea…
[Threatview.io]🌀 Our proactive hunters observed a growing pattern in domains hosting #clickfix
⚡️In the last 7 days - we observed about 200 domains hosting clickfix
#threatintel
🚨 We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase. (1/6)
Cyber threats are growing at an unprecedented rate. Organisations MUST augment their existing processes with threat intelligence to gain visibility of adversary actions and enhance situational awareness and detections
📨 Email us for Oneview Platform access
#threatintel #dfir
🚨 DEFACEMENT ALERT 🚨
Group: BABAYO EROR SYSTEM
Target: Victims located across multiple industries including digital marketing agencies, e-commerce sites, and media platforms.
#threatintel #defacement #multiplecountries
🚨 DEFACEMENT ALERT 🚨
Group: JAX7
Target: Victims located across multiple countries including India, Brazil, and possibly others, operating in various industries such as digital marketing, e-commerce, and media.
#threatintel #defacement #multiple