home.social

#credentialabuse — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #credentialabuse, aggregated by home.social.

  1. Vulnerability Exploitation Surges in Data Breaches

    Vulnerability exploitation is now the top attack vector, responsible for a staggering one-third of all data breaches. This alarming trend highlights the urgent need for robust patch management and cybersecurity measures to stay ahead of threats.

    osintsights.com/vulnerability-

    #VulnerabilityExploitation #DataBreaches #VerizonDbir #CredentialAbuse #Phishing

  2. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

  3. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

  4. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

  5. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics