threatintel

osint

CISA warns of cyberespionage by Iranian APT “MuddyWater”

February 25, 2022

Cybersecurity agencies in the US and UK have issued a joint cybersecurity advisory (CSA) on MuddyWater, a government-sponsored Iranian advanced...

Read More

cuba

Cuba Ransomware Victim: Ids97

February 25, 2022

Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...

Read More

26a0-1

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

February 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team...

Read More

osint

Anonymous launched its offensive on Russia in response to the invasion of Ukraine

February 25, 2022

The popular collective Anonymous declared war on Russia for the illegitimate invasion of Ukraine and announced a series of cyber...

Read More

duckduckgo-ads-for-depression-600x324-1

Google and Microsoft accused of feeding smaller search engines spam ads

February 25, 2022

Google and Microsoft appear to have been flooding their smaller search engine rivals with spam ads, to limit the number...

Read More

lockbit_logo

LockBit 2.0 Ransomware Victim: fehrs[.]com

February 25, 2022

LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...

Read More

JNDI-Injection-Exploit_1_1-731466

JNDI-Injection-Exploit – A Tool Which Generates JNDI Links Can Start Several Servers To Exploit JNDI Injection Vulnerability

February 25, 2022

JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP...

Read More

conti

Conti Ransomware Victim: https-www-spinediagnostic-co

February 25, 2022

continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...

Read More

osint

US and UK details a new Python backdoor used by MuddyWater APT group

February 25, 2022

US and UK cybersecurity agencies provided details of a new malware used by Iran-linked MuddyWater APT. CISA, the FBI, the...

Read More

conti

Conti Ransomware Victim: https-www-collisoligo-co

February 25, 2022

continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...

Read More

conti

Conti Ransomware Victim: https-www-job-ag-co

February 25, 2022

continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...

Read More

conti

Conti Ransomware Victim: https-www-midas-pharma-com

February 25, 2022

continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...

Read More

conti

Conti Ransomware Victim: https-www-primex-co

February 25, 2022

continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...

Read More

conti

Conti Ransomware Victim: https-www-kracht-e

February 25, 2022

continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 47[.]93[.]63[.]179:80

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 8[.]140[.]150[.]177:443

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 121[.]5[.]154[.]138:80

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 81[.]70[.]162[.]112:6666

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 116[.]204[.]211[.]148:80

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 46[.]34[.]189[.]44:8000

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 34[.]125[.]128[.]76:81

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 89[.]238[.]185[.]13:443

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 101[.]43[.]18[.]87:443

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 143[.]198[.]110[.]248:443

February 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

CISA_Logo

CISA: CISA Releases Six Industrial Control Systems Advisories

January 23, 2025

[AKIRA] – Ransomware Victim: Enghouse (ex[.] Navita)

January 23, 2025

[INCRANSOM] – Ransomware Victim: starkaerospace[.]com

January 23, 2025

[AKIRA] – Ransomware Victim: WorldNet Telecommunications LLC

January 23, 2025

CVE Alert: CVE-2025-23811

January 23, 2025