I'd like to share a project I've been working on recently related to the #Bumblebee #loader. This #Python script allows you to quickly extract the C&C server configuration from the #Bumblebee process through PE-Sieve by @hasherezade
https://t.co/QJ1gZRK6hK
@cluster25_io
#CISA updated its #BRICKSTORM advisory with an additional #Yara rule to detect the Rust variant of the backdoor.
Since the referenced samples weren't on VT, with @jvrrascon we hunted down others, finding out https://t.co/inff6GzSwd
Still zero detections on VT! Happy hunting 🍷
#Pryx v2: latest backdoor version adding new functionalities ('/' for dir. listing and '/screenshot' for screenshots) through external libraries like https://t.co/1PFO0C0dwW
IoCs:
e6a6bc09bac69d6a2445d1cf54c7bffc
hxxps://pryx[.]cc/tor.tar.gz
hxxp://apijfsjnvsl.pato[.]pw/api.php
#Pryx group actively distributing a Golang RAT against #UAE gov.
The backdoor's purpose is to download a Tor package to set up a Tor hidden service on the victim that acts as a stealthy HTTP listener for backdoor-related activities.
Backdoor versions & IoCs discussed in thread 🧵👇
#Pryx v1.2: upgrade to #Pryx v1 that, in addition to the Tor channel, integrates communication with a Telegram bot for backdoor-related activities.
IoCs:
72d7ce9c6d6bfdea2181e68fdcb2b179
cd20969ea9746011a306822531bdeb27
7424064398:AAHjgmRy1V5fm4HKSbzaw_hFSNqVippnTyc
Our latest post has just gone live! In this one, we're looking at using Capstone Disassembler, Unicorn Emulation Framework, and Python to defeat encrypted stack strings within a Conti ransomware sample
https://t.co/FzV9jfC1SE
As shown by Zscaler, almost one year later, APT29 used the same TTPs to distribute a wine-tasting invitation (ring a bell?) to European diplomats by impersonating the Indian ambassador.
As usual, the questionnaire link downloads a zipped HTA that starts the infection chain.
3/3
The #threatintel #attribution puzzle: a look into the past. A thread 🧵👇.
#APT29 (also known as #CozyBear and #BlueBravo) during the first half of 2023 pursued multiple #phishing campaigns based on their espionage objectives against European diplomats.
1/3
🚨New threat actor, SPIKEDWINE, impersonates Indian government officials to deliver WINELOADER malware in a #phishing campaign that targets European diplomats. Check out our technical analysis here: https://t.co/fXObDUNxCb
A specific campaign spoofed the Czechia Embassy inviting them to a wine tasting event.
This campaign showed an important change in the APT29 TTPs, saying goodbye to HTML smuggling and giving way to malicious ISO/ZIP files delivered directly to victims through PDF-based lures.
2/3
As P2PInfect raises #cybersecurity concerns, our Labs team identified a strain of #P2Pinfect that targets a new #IoT architecture – ARM.
Read this blog to learn about recent P2PInfect worm operations & behavior, and the implications for digital #security: https://t.co/TfPhUOQm1R
Today, the pro-Palestinian hacker group "Islamic Cyber Team Indonesian" claims to have hacked the #FBI. Two compressed archives, referring to FBI data and totaling about 7GB, were shared on their Telegram channel. In the message, numerous pro-Palestinian collectives have been quoted.
Good news for #obfuscator/#packer researchers, the complete #VMProtect (v3.5.1) source code has just been leaked! 🔥
e41e4c6048abddeb5f3652bfb5036927f3e49b4a02b558d72839c9ebcf2c7e98
First submission: 2023-12-07 08:38:30 UTC
Fortinet researchers detail the Apache ActiveMQ CVE-2023-46604 exploitation and provide insights into the malware associated with these recent attacks, such as the newly discovered Golang-based botnet named GoTitan and a .NET program called PrCtrl Rat. https://t.co/VyZfhBTlqB
Yesterday, the pro-Russian hacker group #XakNet Team claimed to have "hacked #NATO." They shared an Excel file containing personal information about natoschool students (https://t.co/HiIwsc1o0S). In addition, they shared a series of accounts on the said platform.
#Honeypots are essential tools for threat hunting, primarily used to lure #cyberattackers. They can also help warn that an intrusion attempt is happening, and improve our understanding of #threats.
Learn how to set up & use an #IoT #honeypot: https://t.co/3nCuJvQLMx
OK, this morning I'm going to go cruising with #Censys
############################
You all have very specific custom config
#############################
"Very Secure FTP Daemon"
HTML Fingerprint
HTML Title: "404 That's an Error"
It’s very common for us to see offensive tooling enable SeDebugPrivilege so that they may bypass certain OS checks. However, what does this mean? Which OS checks are skipped? I dove into this and decided to write a blog on it. Check it out!
https://t.co/c7pEs48zTF
We're pleased to announce the launch of our new website
Access resources, documentation, and community projects to enhance your experience with the Sigma Rule Standard
Special thx to @sifex for the hard work!
Blog: https://t.co/O5Ewz0oHKL
Explore now: https://t.co/hg6AgdBS3Y