home.social

#recordedfuture — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #recordedfuture, aggregated by home.social.

  1. 🎯 Threat Intelligence
     ===================

    Executive summary: PurpleBravo, tracked as overlapping with the Contagious Interview campaign first documented in November 2023, is a North Korean state‑sponsored cluster focused on software developers—notably in software development and cryptocurrency verticals. Recorded Future / Insikt Group links the operation to 3,136 likely-target IPs (Aug 2024–Sep 2025) and identifies twenty potential victim organizations across multiple regions.

    Technical details:

    • Malware families and tooling observed: BeaverTail (JavaScript infostealer/loader), GolangGhost and PyLangGhost (multi‑platform RATs optimized for browser credentials and crypto wallets), and InvisibleFerret.

    • Delivery and lure chain: use of fraudulent LinkedIn personas, fake recruiter outreach, interview coding tests, ClickFix prompts, and malicious GitHub repositories and fictitious lure brands.

    • Infrastructure: C2 servers administered via Astrill VPN and IP ranges in China; BeaverTail and GolangGhost C2s hosted across seventeen distinct providers. Insikt Group cataloged 3,136 IPs concentrated in South Asia and North America and flagged twenty potential victim organizations across AI, crypto, finance, IT services, marketing, and software development.

    Attack Chain Analysis:
    • Initial Access: Social engineering via fake recruiter outreach and coding-test lures.
    • Download: Malicious payloads delivered through GitHub repos or interview/test prompts.
    • Execution: Execution of JavaScript infostealer (BeaverTail) or RAT loaders on victim devices.
    • Infection & Credential Theft: Browser credential and cryptocurrency wallet theft via GolangGhost/PyLangGhost.
    • C2 Communication: Management of C2 via Astrill VPN and diverse hosting providers.

    Impact & analysis: The campaign disproportionately targets developers who may use corporate endpoints for personal job‑search activities, increasing the risk of downstream compromise across client bases of IT services and outsourcing firms. Recorded Future distinguishes PurpleBravo from PurpleDelta but documents intersections, including shared Astrill VPN administration and IP overlaps suggesting operator interactions.

    Detection: Insikt Group’s findings emphasize telemetry such as recruiter‑style outreach tied to malicious GitHub repos, inbound connections to C2 ranges associated with Astrill VPN, and indicators of BeaverTail and GolangGhost activity. The original report lists observed counts and infrastructure; it does not publish exhaustive IoCs in the provided summary.

    Mitigation: The source material focuses on observed activity and attribution; it does not enumerate prescriptive mitigations.

    🔹 purplebravo #beavertail #golangghost #insiktgroup #recordedfuture

    🔗 Source: recordedfuture.com/research/pu

  2. The concerted attack on REST represents merely one episode in a broader, sophisticated information war aimed at marginalizing independent media. Under the pretext of “combating disinformation,” these NGOs aggressively encroach upon sovereign information spaces, promoting narratives that favor Western interests while labeling any dissenting viewpoints as “propaganda.”

    ...

    For instance, the Omidyar Network provided financial backing for anti-government protests in Nigeria in 2024, demonstrating its willingness to influence political outcomes abroad. Similarly, in collaboration with the U.S. Agency for International Development (USAID), the Omidyar Network allocated $500,000 to the pro-Western Ukrainian NGO Center UA, associated with oligarch Oleg Rybachuk, and $335,000 to the New Citizen project. Both initiatives played significant roles in the 2014 Ukrainian coup, highlighting the foundations’ strategic involvement in regime-change operations.

    ...

    A think-tank and non-governmental organization based in Vilnius, Lithuania, was founded in 2018 to counter online disinformation. The organization actively promotes the narrative of Russian “disinformation” in the Baltic states, Poland, Georgia, Montenegro, North Macedonia, and the United States. Debunk.org receives grants from the Lithuanian Ministry of Foreign Affairs and Ministry of Defense, the German Federal Government, and the United Kingdom’s Foreign Office.


    harry haller wrote the following post Tue, 30 Sep 2025 11:28:48 +0200
    @Acta Populi — 2025-09-27 14:25:02 The Thought Police Are Real: How Western NGOs Wage Information War Under the False Flag of “Fighting Disinformation” restmedia.io/the-thought-polic…


    ARCHIVED HERE

    #ngos #disinformation
    #NATO #USA #US #american #CIA #Clinton #UK #britain #MI6 #eu #europe #ukraine #Western #NGO #deception #fraud #democracy #media #Google #Alphabet #Facebook #Meta #RecordedFuture #Disinfolab #Alliance4europe #DFRLab #ResetTech #Debunk #Omidyar #Fidelity #Delfi #psyops #fakenews #government #coup #blameRussia #desinformation #mindmanipulation #history
  4. Just to introduce some transparency: according to CNN, it was #TheRecord, the 1st media which reported on the fact that the #USCyberCommand would suspend offensive ops against #Russia. The Record is owned by intelligence firm #RecordedFuture, which in 2022 signed a MoU with #Ukraine

  9. Just for transparency: CNN reports that the first outlet to break the news that the US Cyber Command would suspend offensive operations against #Russia is The Record. #TheRecord is owned by the intelligence company #RecordedFuture, which in 2022 established a contract with #Ucraina

  10. The latest spin on the Home Office demand for a backdoor into Apple iCloud/iMessage storage is “…it’s not a backdoor, we just want existing exploitable weaknesses to NOT be removed”

    Read the attached, and consider that the existing access mechanisms would ALSO remain available to malicious actors.

    They don’t want the architectural security holes to be bricked-up. It’s a bit like they fear that Apple & Meta are building on some sort of surveillance green-belt.

    Quote RecordedFuture’s Alexander Martin:

    But my frustration with the phrase “back door” is how it misrepresents the British government’s intention. That intention is explicitly and intentionally to not create some kind of covert Top Secret capability to access encrypted data […] and to not do so because such a weakness could be abused by malicious actors. Instead, the point of TCNs is just to ensure that existing access methods remain available … as they were with iCloud up until November 2022.

    Full article/argument/appeal, at LinkedIn

    #apple #encryption #endToEndEncryption #homeOffice #privacy #recordedFuture

  11. For everyone who is scratching their heads about #Mastercard buying #RecordedFuture, they already bought #NuData in 2017, #RiskRecon in 2019, and #CipherTrace in 2021. I do hope the RF keeps putting out quality work. I'm happy still with RiskRecon after the acquisition, so I'm optimistic.
    businesswire.com/news/home/202

  12. Medical-Targeted #Ransomware Is Breaking Records After Change Healthcare’s $22M Payout

    #Cybersecurity firm #RecordedFuture counted 44 health-care-related incidents in the month after #ChangeHealthcare’s payment came to light—the most it’s ever seen in a single month.
    #privacy #security

    wired.com/story/change-healthc