#ioc — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ioc, aggregated by home.social.
-
New indicators for: Vidar (+1), SalatStealer (+1), RemcosRAT (+1), Ghost RAT (+1), GhostSocks (+1), ERMAC (+1) and Tofsee (+1). https://vuldb.com/actor #apt #cti #ioc
-
I got 29 of these alerts over a 3½ hour period overnight, all from IP addresses in Iran.
Since access to the public internet has been blocked for most people in Iran since January, this is probably government-backed Iranian hackers credential-stuffing Synology boxes. I would imagine there is probably some specific reason they're targeting Synology boxes, perhaps having to do with recently patched CVEs.
If you have Synology devices, make sure your security is tight!
#Iran #Synology #IOC #infosec -
📢 REF6598: Obsidian hijacked to deploy the PHANTOMPULSE RAT via social engineering
📝 🔍 Context: Published on 14 April 2026 by Elastic Security Labs (authors: Salim Bitam, Samir Bousseaden, Daniel Stepanic), this article details the ca...
📖 cyberveille: https://cyberveille.ch/posts/2026-05-13-ref6598-obsidian-detourne-pour-deployer-le-rat-phantompulse-via-ingenierie-sociale/
🌐 source: https://www.elastic.co/security-labs/phantom-in-the-vault
#IOC #Obsidian #Cyberveille -
📢 Doppelgänger: full analysis of the Russian influence-operations infrastructure SDA/Structura
📝 🌐 Context: Published on 11 May 2026 by DomainTools on their research portal, this report constitutes a...
📖 cyberveille: https://cyberveille.ch/posts/2026-05-13-doppelganger-analyse-complete-de-l-infrastructure-d-operations-d-influence-russe-sda-structura/
🌐 source: https://dti.domaintools.com/research/sda-structura-doppelganger-influence-ops
#IOC #Keitaro #Cyberveille -
"Recreational runners who want to secure a long-term prospect for free running at the #Cantianstadion and do not trust the wisdom of #DOSB and #IOC can give their vote to the #NOlympia petition for a referendum, which seeks to bring about a public vote on Berlin's Olympic bid (#Olympiabewerbung)." 👍
https://www.gleimviertel.de/archives/35167
#NOlympiaBerlin -
Updated threat actors: SystemBC (+1), Nexcorium (+2), World Leaks (+3), Nexus Team (+2), Formbook (+1), Keenadu (+2) and Head Mare (+3). https://vuldb.com/actor #apt #cti #ioc
-
📢 Post-mortem: npm supply-chain compromise of TanStack (May 2026)
📝 🔍 Context: On 11 May 2026, TanStack published a detailed post-mortem of an **npm supply-chain compromise** on...
📖 cyberveille: https://cyberveille.ch/posts/2026-05-13-post-mortem-compromission-de-la-chaine-d-approvisionnement-npm-de-tanstack-mai-2026/
🌐 source: https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
#GitHub_Actions #IOC #Cyberveille -
We have improved indicators: SmartApeSG (+2), ValleyRAT (+1), DCRat (+2), Remcos (+1), Havoc (+2), NetSupportManager RAT (+2) and Brute Ratel C4 (+1). https://vuldb.com/actor #apt #cti #ioc
-
With today's submission, I now have all the EACs done and uploaded to the platform.
In 10 days, exams! #DAM #IOC #basesdatos #SistemasInformáticos
-
📢 Mini Shai-Hulud campaign: TanStack, UiPath, Mistral AI and other npm/PyPI packages compromised
📝 🗓️ Context: On 11 May 2026, Wiz published a technical analysis detailing an **attack...
📖 cyberveille: https://cyberveille.ch/posts/2026-05-12-campagne-mini-shai-hulud-tanstack-uipath-mistral-ai-et-d-autres-packages-npm-pypi-compromis/
🌐 source: https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#GitHub_Actions #IOC #Cyberveille -
📢 Malicious npm campaign: 38 packages targeting Apple, Google and Alibaba via dependency confusion
📝 🔍 Context: On 5 May 2026, Panther Threat Research published an analysis detail...
📖 cyberveille: https://cyberveille.ch/posts/2026-05-11-campagne-npm-malveillante-38-paquets-ciblant-apple-google-et-alibaba-via-dependency-confusion/
🌐 source: https://panther.com/blog/frankly-malicious-inside-a-38-package-npm-supply-chain-campaign-targeting-tech-giants
#IOC #TTP #Cyberveille -
📢 PamDOORa: a PAM-based Linux backdoor sold on a Russian cybercriminal forum
📝 🔍 Context: Published on 7 May 2026 by Assaf Morag (Flare), this article analyzes a malicious tool named **PamDOORa...
📖 cyberveille: https://cyberveille.ch/posts/2026-05-11-pamdoora-un-backdoor-linux-base-sur-pam-vendu-sur-un-forum-cybercriminel-russe/
🌐 source: https://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web
#IOC #Linux_persistence #Cyberveille -
📢 A DDoS botnet targeting video game servers deployed via a Jenkins honeypot
📝 🔍 Context: Published on 29 April 2026 by Darktrace (Inside the SOC blog), this article present...
📖 cyberveille: https://cyberveille.ch/posts/2026-05-11-un-botnet-ddos-ciblant-les-serveurs-de-jeux-video-deploye-via-un-honeypot-jenkins/
🌐 source: https://www.darktrace.com/blog/darktrace-malware-analysis-jenkins-honeypot-reveals-emerging-botnet-targeting-online-games
#DDoS #IOC #Cyberveille -
We have added indicators: Gafgyt (+1), Vidar (+13), DCRat (+1), Evilginx (+2), AdaptixC2 (+2), XWorm (+2) and Stealc (+1). https://vuldb.com/actor #apt #cti #ioc
-
We have updated indicators: Havoc (+1), Quasar RAT (+1), Meterpreter (+5), Cobalt Strike (+6), DCRat (+1), Evilginx (+2) and NetSupportManager RAT (+1). https://vuldb.com/actor #apt #cti #ioc
-
International Olympic Committee Rescinds Restrictions on Belarus Athletes
The International Olympic Committee on Friday said that it no…
#Belarus #BY #Europe #Europa #EU #2028OlympicGamesCoverage-LosAngeles #belarus #IOC #Russia #worldaquatics
https://www.europesays.com/2978062/ -
International Olympic Committee Rescinds Restrictions on Belarus Athletes https://www.byteseu.com/2005944/ #2028OlympicGamesCoverageLosAngeles #Belarus #IOC #Russia #WorldAquatics
-
📢 Fake OpenAI repository on Hugging Face distributes a Rust infostealer via typosquatting
📝 🗓️ Context: Source: BleepingComputer, published on 9 May 2026.
📖 cyberveille: https://cyberveille.ch/posts/2026-05-09-faux-depot-openai-sur-hugging-face-distribue-un-infostealer-rust-via-typosquatting/
🌐 source: https://www.bleepingcomputer.com/news/security/fake-openai-repository-on-hugging-face-pushes-infostealer-malware/
#Hugging_Face #IOC #Cyberveille