Leaked footage of Russian ransomware operators in action
We've been busy. Updates on what we are doing and what's in the queue:
- Malware Database hash daily upload listings
- Bug fixes, enhancements, and additions to VX-API
- More malware samples
- More APT samples and papers
- Russian papers from forums such as XSS
When a company is breached and their public relations representative begins answering questions
Yesterday SOCRadar disclosed a misconfiguration in "olyympusv2", a Microsoft Azure blob storage domain containing data from 2014 to the present.
The data leak has been confirmed by Microsoft; however, Microsoft claims SOCRadar is exaggerating the impact.
More info: https://socradar.io/sensitive-data-of-65000-entities-in-111-countries-leaked-due-to-a-single-misconfigured-data-bucket/
Zscaler has reported an internet sea cable cut. The cut is south of France and has impacted subsea cables connecting Asia, Europe, and the United States.
Also, today it was announced an internet sea cable north of Scotland has been damaged.
More info: https://trust.zscaler.com/zscloud.net/posts/12256
We need 800TB of storage
*because we can acquire 1,245,000,000 samples
*yes, billion
We've updated the vx-underground VX-API on GitHub
- Various code improvements
- Readme file includes the todo list and various notes
- New additions: PID enumeration methods and helper functions
Cheers
https://github.com/vxunderground/VX-API
We've updated the vx-underground Windows malware paper collection
- Making WMI Queries In C
- Changing memory protection using APC
- Windows DLL Hijacking Hopefully Clarified
- Weaponizing Privileged File Writes with the USO Service
https://www.vx-underground.org/windows.html
Black Reward, an Iranian hacker group, claims to have breached the Iranian government and exfiltrated sensitive data related to their nuclear programs.
They informed the Iranian government they have 24 hours to release political prisoners or they will release the documents.
We've updated the vx-underground Windows malware paper collection
- VBA RunPE - Breaking Out of Highly Constrained Desktop Environments
- Understanding API Set Resolution
Check it out here: https://www.vx-underground.org/windows.html
Black Reward says their demands have not been met. In the next couple of hours they will be releasing a large quantity of data from Iran's Atomic Energy Organization.
We have translated their message from Farsi to English. You can read it here: https://pastebin.com/Pm4yfsac
UPDATE: They have released the data. They released the documents as this message was sent. Instead of 'several hours', it was 14 minutes.
vx-underground official advertisement
We've updated the vx-underground APT collection.
2013.03.20/The Teamspy Story
2013.03.20/Teamspy - Technical Report
2016.03.02/New self-protecting USB trojan able to avoid detection
2019.04.10/Gaza Cybergang Group1, operation SneakyPastes
2017.04.13/Teamspy - A deeper look into malware abusing TeamViewer
2017.04.14/PlexingEagle: A surprise encounter with a Telco APT
2019.11.05/DarkUniverse – the mysterious APT framework #27
2022.04.06/Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group
2022.09.15/F5 BIG-IP Vulnerability (CVE-2022-1388) Exploited by BlackTech
2022.09.30/Amazon-themed campaigns of Lazarus in the Netherlands and Belgium
2022.10.11/The Russian SpyAgent (Teamspy) – a Decade Later and RAT Tools Remain at Risk
2022.10.12/WIP19 Espionage | New Chinese APT Targets IT Service Providers and Telcos With Signed Malware
2022.10.12/Winnti APT group docks in Sri Lanka for new campaign
2022.10.13/Budworm: Espionage Group Returns to Targeting U.S. Organizations
2022.10.13/Alchimist: A new attack framework in Chinese for Mac, Linux and Windows
2022.10.14/New "Prestige" ransomware impacts organizations in Ukraine and Poland
2022.10.17/DiceyF deploys GamePlayerFramework in online casino development studio
2022.10.18/Unknown Actor: Powershell Backdoor disguising itself as part of a Windows update process
2022.10.18/Spyder Loader: Malware Seen in Recent Campaign Targeting Organizations in Hong Kong (Winnti)
2022.10.20/Domestic Kitten campaign spying on Iranian citizens with new FurBall malware
2022.10.21/WarHawk: the New Backdoor in the Arsenal of the SideWinder APT Group
Check it out here: https://vx-underground.org/malware.html
Individuals from the Commonwealth of Independent States make up approximately 35% of our web traffic.
We have begun aggregating Russian papers from forums such as XSS, or from individuals who have translated papers for vx-underground.
Check it out here: https://www.vx-underground.org/russian.html
RJ Young, a company which provides managed IT solutions and "smart" security devices for businesses and schools, is being extorted by the ALPHV ransomware group. ALPHV claims to possess 4TB of their data.
This is yet another example of ransomware groups targeting schools.