🚨ALERT🚨
Gulf countries, Cyprus & Israel - A massive wave of IP camera scanning and exploitation from Iran-linked infrastructure.
✅ Patch to the latest version
🔐 Enforce strong, unique passwords and restrict external access
Read More :
https://t.co/iuZkd446nQ
China-linked #InkDragon expands into Europe, building a distributed relay network by weaponizing compromised servers with a custom #ShadowPad IIS listener alongside new TTPs and an evolved FinalDraft.
https://t.co/HiVSN2rngc
@_JohnHammond We reported this issue to Microsoft back in June, also talked about it at @labscon_io and @virusbtn — and, well, you already know how that turned out :)
Unmasking the China-nexus #Storm2603 toolset that pre-dated the ToolShell wave.
📅Active since at least Apr 2025.
🔑Multiple ransomware deployed together: LockBit + Warlock.
💥Custom backdoors: ak47dns & ak47http.
Read more -->
https://t.co/ah6i4DT1FG
🇮🇷🇮🇱 In their latest phishing campaigns, Iranian APT Educated Manticore poses as cybersecurity researchers and executives to target top tech academics in Israel:
🔗 Fake Google Meet meetings
🌐 Phishing kits as Single Page App with React
👉 Details: https://t.co/W0neXbcnUU
Zero-Day used by Stealth Falcon APT group in a spear-phishing campaign:
💥 .URL file exploitation (assigned CVE-2025-33053)
🧰 Custom Mythic implants, LOLBins, and custom payloads
🌍 High-profile targets across the Middle East and Africa
https://t.co/OnQmC2GBLJ
Following the advisory, CPR shares an in-depth analysis of the malware attributed to Emennet Pasargad:
🐁 WezRat: a custom infostealer
🧀 Uses DLL modules for screenshots, keylogging, file theft, etc.
🐈 Over a year of activity and evolution
Read more:
👉 https://t.co/P7UtZkvlqk
🇪🇺Amid the upcoming EU membership referendum, Moldova is being hit with #disinformation emails aimed at discrediting the pro-EU course and its supporters.
🕵️Read more about hybrid disinformation-malware operations across Europe by the #LyingPigeon group:
https://t.co/6gtNMONUqI
While most associate this report with the Israel-Hamas conflict, the actor managed to infiltrate numerous high-profile targets throughout the Middle East in recent years. Given their track record of sharing access with disruptive malware operators, this is a region-wide concern.
[4/5] ScarredManticore has been consistently targeting high-profile organizations in Saudi Arabia, UAE, Kuwait, Oman, Jordan, and Israel. The most commonly targeted sectors are Government and Telecommunications.
[1/5] CPR in collaboration with @sygnia_labs has been tracking #ScarredManticore, one of the most sophisticated Iranian threat actors uncovered to date. Attributed to the MOIS, it is linked to some of the most impactful Iranian intrusions in recent years.
https://t.co/Oi5Tg9a9Ab
Amid the crisis in Azerbaijan’s breakaway region of Nagorno-Karabakh, our new report reveals Azerbaijani political surveillance using #OxtaRAT malware:
🕵️AutoIt/JPEG polyglot file
🎯Targets activists in Azerbaijan🇦🇿 and entities in Armenia🇦🇲
Read more >>
https://t.co/qq8VU6bIyC
Since the end of March, all the files submitted to VirusTotal from Donetsk and Luhansk regions are shown in their telemetry as ZZ country. @virustotal Any chance you can assist with geography to your geolocation services provider?
#CloudAtlas continues its operations and during the last year narrows its targeting:
🎯Focus on Russia, Belarus and conflicted areas in Ukraine and Moldova
👾New DLL to proxy connections through the victims’ machines.
👉https://t.co/D6gkpC2ttY
We Reveal 7 Years of #ScarletMimic Mobile Surveillance Campaign Targeting Uyghurs:
📱 More than 20 different Android samples
📄 Uyghur-related lures
👁️ Full surveillance capabilities
🤙 Conduct calls and SMS from victim's device
Read More:
https://t.co/Wy3ByDYj9p