![CatoCTRL's tweet photo. 🚨Cato CTRL threat alert: our MDR team has detected ValleyRAT targeting Vietnamese victims.
IOCs
URL: https://fg41[.]dlfl[.]vn/44c1fb6bfbda5a8403cb/6135615923956141674
Hash: 8033e6603938a1167ef28a84f39d63ee16b5620bf979f6fc950fd69fef275783
#ValleyRAT #c2 #SilverFox #APT https://t.co/pEL3Sz4rfa](https://pbs.twimg.com/media/G5e0OMJXQAA_aIS.jpg)
Olivia
Online
Tal Darsan
@taldars
Joined December 2014
246 Following
53 Followers
28 Posts
🚨 Cato CTRL threat alert: our MDR team has detected new Havoc C2 infrastructure.
IOCs
Domains:
alfmarcussen[.]com
aboutdolcera[.]com
amaswellybmi[.]com
dyg465g[.]com
images[.]shopby[.]jp
bowless[.]com
belecoins[.]com
handicraftai[.]com
adventent[.]com
allowcentral[.]com
betropol337[.]com
#C2 #ThreatIntel #Havoc
![CatoCTRL's tweet photo. 🚨 Cato CTRL threat alert: our MDR team has detected new Havoc C2 infrastructure.
IOCs
Domains:
alfmarcussen[.]com
aboutdolcera[.]com
amaswellybmi[.]com
dyg465g[.]com
images[.]shopby[.]jp
bowless[.]com
belecoins[.]com
handicraftai[.]com
adventent[.]com
allowcentral[.]com
betropol337[.]com
#C2 #ThreatIntel #Havoc](https://pbs.twimg.com/media/HGAaVIBW4AAUu24.jpg)
🚨 Cato CTRL threat alert: our MDR team has detected new JSCEAL C2 domains.
IOCs
Domains: unitedgroupvision[.]com, brightlinenord[.]net
More info: https://t.co/AW9qBuYI5H
#JSCEAL #C2 #ThreatIntel
![CatoCTRL's tweet photo. 🚨 Cato CTRL threat alert: our MDR team has detected new JSCEAL C2 domains.
IOCs
Domains: unitedgroupvision[.]com, brightlinenord[.]net
More info: https://t.co/AW9qBuYI5H
#JSCEAL #C2 #ThreatIntel https://t.co/EPHLIhYvl3](https://pbs.twimg.com/media/G9QLJhJWgAAaWkq.jpg)
🚨Cato CTRL threat alert: our MDR team has detected new EvilAI samples.
IOCs
Domains: myeditorpdf[.]com, docflares[.]com, cleareditpdf[.]com
#EvilAI #C2 #ThreatIntel #FakePDF #SparkOnSoft
🚨Cato CTRL threat alert: our MDR team has detected ValleyRAT targeting Vietnamese victims.
IOCs
URL: https://fg41[.]dlfl[.]vn/44c1fb6bfbda5a8403cb/6135615923956141674
Hash: 8033e6603938a1167ef28a84f39d63ee16b5620bf979f6fc950fd69fef275783
#ValleyRAT #c2 #SilverFox #APT
![CatoCTRL's tweet photo. 🚨Cato CTRL threat alert: our MDR team has detected ValleyRAT targeting Vietnamese victims.
IOCs
URL: https://fg41[.]dlfl[.]vn/44c1fb6bfbda5a8403cb/6135615923956141674
Hash: 8033e6603938a1167ef28a84f39d63ee16b5620bf979f6fc950fd69fef275783
#ValleyRAT #c2 #SilverFox #APT https://t.co/pEL3Sz4rfa](https://pbs.twimg.com/media/G5e0OMPWAAAn4wJ.jpg)
🚨 Cato MDR Alert: We’ve detected a malicious domain being used to download the Oyster backdoor disguised as Putty.
Below are the IoCs. 👇🧵
#ThreatIntel #Oyster #Putty #backdoor
🚨 Cato MDR Alert: We’ve detected malicious IP addresses being used to download AdaptixC2 and Mirai.
Below are the IoCs. 👇🧵
#ThreatIntel #AdaptixC2 #Mirai
We’ve uncovered an evolving #LummaStealer campaign leveraging Tigris, Oracle Cloud Infrastructure, and Scaleway – with activity linked to suspected Russian threat actors.
Full details: https://t.co/S2m6MvXgJU
#ThreatResearch
🚨 Cato MDR Alert: We’ve spotted an Office 365 #phishing campaign fronted by Cloudflare.
Key IoCs :
▪️ Phishing landing page: https://t.co/Nna7uEZ5nd (VT 0/94)
▪️ Drop zone: https://t.co/mxtKWLrufs (VT 0/94)
#ThreatIntel #O365
🚨 Cato MDR Alert: We’ve detected a malicious IP address being used to download Quasar RAT, MeshAgent, and Defender Control via cURL.
Key IoCs, URLs and hashes in the thread below. 🧵👇
#ThreatIntel #QuasarRAT #MeshAgent #DefenderControl
🚨 Cato MDR Alert: We’ve observed an Office 365 #phishing campaign using Cloudflare.
Key IoCs:
▪️Phishing landing page: https://t.co/fUcDiqZ639 (VT: 1/97)
▪️Drop zone: https://t.co/hlMRng9xzs (VT: 0/94)
Stay alert!
#ThreatIntel #O365
Busy coding weekend, get ready for a new tracker!
Attending @RSAConference in Singapore this week? See @georgetubin & @taldars discuss the migration of #malware 7/23 http://t.co/ppe3qu0LXK
[BLOG] "Tsukuba: Banking Trojan Phishing in Japanese Waters" http://t.co/0dSlibwSpA by @daniav09 and @iCyberFighter
#cybercrime
New POS Trojan #LogPOS uses Microsoft Mailslots to exfiltrate payment card numbers: http://t.co/q3iB3Senhc | #cybercrime #cardfraud #malware
Tsukuba: Banking Trojan Phishing in Japanese Waters: http://t.co/RkAaz3bmrF via @ibmsecurity
Last Seen Users on Sotwe
. ❤
Seen from Netherlands
türbanlı siker
Seen from United Kingdom
sexy boys
Seen from Pakistan
廃人
Seen from Japan
GorillaFez
Seen from Italy
BBC
BIG BOOBS & ASS 
Seen from Netherlands
Eş Sevgili İfşa Paylaşım Platformu
Seen from Turkey
Chen Cheng
Seen from Singapore
ZimZamFlow - CEO of Elastigirl (Commissions OPEN)
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.3M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.4M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.9M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.5M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers