home.social

#sliver — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #sliver, aggregated by home.social.

  1. Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers

    Between February and May 2026, over 1,350 active command-and-control servers were identified across 98 infrastructure providers spanning 14 Middle Eastern countries. Saudi Arabia's STC hosted 981 C2 servers, representing 72.4% of all regional malicious infrastructure, the largest concentration globally. C2 infrastructure dominated at 96.8% of detected activity, with IoT-focused botnets like Hajime, Mozi, and Mirai, alongside offensive frameworks including Tactical RMM, Cobalt Strike, and Sliver representing the primary malware families. The infrastructure supported diverse operations from state-sponsored espionage campaigns like Eagle Werewolf targeting state entities, to Malware-as-a-Service platforms, cryptomining operations, and destructive attacks such as DYNOWIPER. Key providers included SERVERS TECH FZCO in UAE, OMC in Israel, Türk Telekom, and Regxa in Iraq, demonstrating how telecommunications giants and specialized hosting services enable both commodity cybercrime and advanced persistent threat op...

    Pulse ID: 6a0f8f36422c8adb515a9804
    Pulse Link: otx.alienvault.com/pulse/6a0f8
    Pulse Author: AlienVault
    Created: 2026-05-21 23:03:18

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CobaltStrike #CryptoMining #CyberCrime #CyberSecurity #Espionage #InfoSec #IoT #Israel #Malware #MalwareAsAService #MiddleEast #Mirai #OTX #OpenThreatExchange #RAT #SaudiArabia #Sliver #Telecom #Telecommunication #UAE #bot #botnet #AlienVault

  2. Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers

    Between February and May 2026, over 1,350 active command-and-control servers were identified across 98 infrastructure providers spanning 14 Middle Eastern countries. Saudi Arabia's STC hosted 981 C2 servers, representing 72.4% of all regional malicious infrastructure, the largest concentration globally. C2 infrastructure dominated at 96.8% of detected activity, with IoT-focused botnets like Hajime, Mozi, and Mirai, alongside offensive frameworks including Tactical RMM, Cobalt Strike, and Sliver representing the primary malware families. The infrastructure supported diverse operations from state-sponsored espionage campaigns like Eagle Werewolf targeting state entities, to Malware-as-a-Service platforms, cryptomining operations, and destructive attacks such as DYNOWIPER. Key providers included SERVERS TECH FZCO in UAE, OMC in Israel, Türk Telekom, and Regxa in Iraq, demonstrating how telecommunications giants and specialized hosting services enable both commodity cybercrime and advanced persistent threat op...

    Pulse ID: 6a0f8f36422c8adb515a9804
    Pulse Link: otx.alienvault.com/pulse/6a0f8
    Pulse Author: AlienVault
    Created: 2026-05-21 23:03:18

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CobaltStrike #CryptoMining #CyberCrime #CyberSecurity #Espionage #InfoSec #IoT #Israel #Malware #MalwareAsAService #MiddleEast #Mirai #OTX #OpenThreatExchange #RAT #SaudiArabia #Sliver #Telecom #Telecommunication #UAE #bot #botnet #AlienVault

  3. Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers

    Between February and May 2026, over 1,350 active command-and-control servers were identified across 98 infrastructure providers spanning 14 Middle Eastern countries. Saudi Arabia's STC hosted 981 C2 servers, representing 72.4% of all regional malicious infrastructure, the largest concentration globally. C2 infrastructure dominated at 96.8% of detected activity, with IoT-focused botnets like Hajime, Mozi, and Mirai, alongside offensive frameworks including Tactical RMM, Cobalt Strike, and Sliver representing the primary malware families. The infrastructure supported diverse operations from state-sponsored espionage campaigns like Eagle Werewolf targeting state entities, to Malware-as-a-Service platforms, cryptomining operations, and destructive attacks such as DYNOWIPER. Key providers included SERVERS TECH FZCO in UAE, OMC in Israel, Türk Telekom, and Regxa in Iraq, demonstrating how telecommunications giants and specialized hosting services enable both commodity cybercrime and advanced persistent threat op...

    Pulse ID: 6a0f8f36422c8adb515a9804
    Pulse Link: otx.alienvault.com/pulse/6a0f8
    Pulse Author: AlienVault
    Created: 2026-05-21 23:03:18

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CobaltStrike #CryptoMining #CyberCrime #CyberSecurity #Espionage #InfoSec #IoT #Israel #Malware #MalwareAsAService #MiddleEast #Mirai #OTX #OpenThreatExchange #RAT #SaudiArabia #Sliver #Telecom #Telecommunication #UAE #bot #botnet #AlienVault

  4. Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers

    Between February and May 2026, over 1,350 active command-and-control servers were identified across 98 infrastructure providers spanning 14 Middle Eastern countries. Saudi Arabia's STC hosted 981 C2 servers, representing 72.4% of all regional malicious infrastructure, the largest concentration globally. C2 infrastructure dominated at 96.8% of detected activity, with IoT-focused botnets like Hajime, Mozi, and Mirai, alongside offensive frameworks including Tactical RMM, Cobalt Strike, and Sliver representing the primary malware families. The infrastructure supported diverse operations from state-sponsored espionage campaigns like Eagle Werewolf targeting state entities, to Malware-as-a-Service platforms, cryptomining operations, and destructive attacks such as DYNOWIPER. Key providers included SERVERS TECH FZCO in UAE, OMC in Israel, Türk Telekom, and Regxa in Iraq, demonstrating how telecommunications giants and specialized hosting services enable both commodity cybercrime and advanced persistent threat op...

    Pulse ID: 6a0f8f36422c8adb515a9804
    Pulse Link: otx.alienvault.com/pulse/6a0f8
    Pulse Author: AlienVault
    Created: 2026-05-21 23:03:18

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CobaltStrike #CryptoMining #CyberCrime #CyberSecurity #Espionage #InfoSec #IoT #Israel #Malware #MalwareAsAService #MiddleEast #Mirai #OTX #OpenThreatExchange #RAT #SaudiArabia #Sliver #Telecom #Telecommunication #UAE #bot #botnet #AlienVault

  5. Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers

    Between February and May 2026, over 1,350 active command-and-control servers were identified across 98 infrastructure providers spanning 14 Middle Eastern countries. Saudi Arabia's STC hosted 981 C2 servers, representing 72.4% of all regional malicious infrastructure, the largest concentration globally. C2 infrastructure dominated at 96.8% of detected activity, with IoT-focused botnets like Hajime, Mozi, and Mirai, alongside offensive frameworks including Tactical RMM, Cobalt Strike, and Sliver representing the primary malware families. The infrastructure supported diverse operations from state-sponsored espionage campaigns like Eagle Werewolf targeting state entities, to Malware-as-a-Service platforms, cryptomining operations, and destructive attacks such as DYNOWIPER. Key providers included SERVERS TECH FZCO in UAE, OMC in Israel, Türk Telekom, and Regxa in Iraq, demonstrating how telecommunications giants and specialized hosting services enable both commodity cybercrime and advanced persistent threat op...

    Pulse ID: 6a0f8f36422c8adb515a9804
    Pulse Link: otx.alienvault.com/pulse/6a0f8
    Pulse Author: AlienVault
    Created: 2026-05-21 23:03:18

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CobaltStrike #CryptoMining #CyberCrime #CyberSecurity #Espionage #InfoSec #IoT #Israel #Malware #MalwareAsAService #MiddleEast #Mirai #OTX #OpenThreatExchange #RAT #SaudiArabia #Sliver #Telecom #Telecommunication #UAE #bot #botnet #AlienVault

  6. Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

    Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.

    Pulse ID: 6a062c38dfdb5434bb2f0876
    Pulse Link: otx.alienvault.com/pulse/6a062
    Pulse Author: AlienVault
    Created: 2026-05-14 20:10:32

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault

  7. Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

    Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.

    Pulse ID: 6a062c38dfdb5434bb2f0876
    Pulse Link: otx.alienvault.com/pulse/6a062
    Pulse Author: AlienVault
    Created: 2026-05-14 20:10:32

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault

  8. Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

    Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.

    Pulse ID: 6a062c38dfdb5434bb2f0876
    Pulse Link: otx.alienvault.com/pulse/6a062
    Pulse Author: AlienVault
    Created: 2026-05-14 20:10:32

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault

  9. Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

    Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.

    Pulse ID: 6a062c38dfdb5434bb2f0876
    Pulse Link: otx.alienvault.com/pulse/6a062
    Pulse Author: AlienVault
    Created: 2026-05-14 20:10:32

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault

  10. Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

    Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.

    Pulse ID: 6a062c38dfdb5434bb2f0876
    Pulse Link: otx.alienvault.com/pulse/6a062
    Pulse Author: AlienVault
    Created: 2026-05-14 20:10:32

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault

  11. A Light in the Dark
    atlas.whatip.xyz/post.php?slug
    <p>A thin sliver of Earth&amp;#8217;s edge is brightly illuminated against the vast darkness of space in
    #artemis #sliver #space #light

  12. A Light in the Dark
    atlas.whatip.xyz/post.php?slug
    <p>A thin sliver of Earth&amp;#8217;s edge is brightly illuminated against the vast darkness of space in
    #artemis #sliver #space #light

  13. New blog post!

    This time I talk about my new favorite evasive shellcode loader, Charon. I give a brief overview about what it does, how it works and which techniques it uses.

    Also a brief addendum for enjoyers of bloated Implants such as Sliver.

    ti-kallisti.com/general/ms/des

    #InfoSec #Malware #Shellcode #RedTeam #RedTeaming #Pentesting #Charon #Sliver #Merlin #Mythic

  14. New blog post!

    This time I talk about my new favorite evasive shellcode loader, Charon. I give a brief overview about what it does, how it works and which techniques it uses.

    Also a brief addendum for enjoyers of bloated Implants such as Sliver.

    ti-kallisti.com/general/ms/des

    #InfoSec #Malware #Shellcode #RedTeam #RedTeaming #Pentesting #Charon #Sliver #Merlin #Mythic

  15. New blog post!

    This time I talk about my new favorite evasive shellcode loader, Charon. I give a brief overview about what it does, how it works and which techniques it uses.

    Also a brief addendum for enjoyers of bloated Implants such as Sliver.

    ti-kallisti.com/general/ms/des

    #InfoSec #Malware #Shellcode #RedTeam #RedTeaming #Pentesting #Charon #Sliver #Merlin #Mythic

  16. New blog post!

    This time I talk about my new favorite evasive shellcode loader, Charon. I give a brief overview about what it does, how it works and which techniques it uses.

    Also a brief addendum for enjoyers of bloated Implants such as Sliver.

    ti-kallisti.com/general/ms/des

    #InfoSec #Malware #Shellcode #RedTeam #RedTeaming #Pentesting #Charon #Sliver #Merlin #Mythic

  17. New blog post!

    This time I talk about my new favorite evasive shellcode loader, Charon. I give a brief overview about what it does, how it works and which techniques it uses.

    Also a brief addendum for enjoyers of bloated Implants such as Sliver.

    ti-kallisti.com/general/ms/des

    #InfoSec #Malware #Shellcode #RedTeam #RedTeaming #Pentesting #Charon #Sliver #Merlin #Mythic

  18. «Ждите гостей»: новые инструменты и тактики PhantomCore в атаках на российские компании

    На примере новой атаки PhantomCore - одной из главных киберугроз для российских и белорусских компаний - показываем, как группировка развивает свои инструменты и тактики, внедряет новое ВПО и расширяет спектр используемых технологий, включая AI-решения. Одна из главных особенностей PhantomCore – её постоянная изменчивость: эта АРТ-группа быстро приспосабливается к новым условиям, оперативно меняет инструменты и изобретает нестандартные способы доставки ВПО до атакуемых организаций.

    habr.com/ru/companies/F6/artic

    #phantomcore #apt #kermit_rat #фишинговые_письма #киберразведка #threat_intelligence #mattermost #cyberstrike_ai #mashagent #sliver

  19. «Ждите гостей»: новые инструменты и тактики PhantomCore в атаках на российские компании

    На примере новой атаки PhantomCore - одной из главных киберугроз для российских и белорусских компаний - показываем, как группировка развивает свои инструменты и тактики, внедряет новое ВПО и расширяет спектр используемых технологий, включая AI-решения. Одна из главных особенностей PhantomCore – её постоянная изменчивость: эта АРТ-группа быстро приспосабливается к новым условиям, оперативно меняет инструменты и изобретает нестандартные способы доставки ВПО до атакуемых организаций.

    habr.com/ru/companies/F6/artic

    #phantomcore #apt #kermit_rat #фишинговые_письма #киберразведка #threat_intelligence #mattermost #cyberstrike_ai #mashagent #sliver

  20. «Ждите гостей»: новые инструменты и тактики PhantomCore в атаках на российские компании

    На примере новой атаки PhantomCore - одной из главных киберугроз для российских и белорусских компаний - показываем, как группировка развивает свои инструменты и тактики, внедряет новое ВПО и расширяет спектр используемых технологий, включая AI-решения. Одна из главных особенностей PhantomCore – её постоянная изменчивость: эта АРТ-группа быстро приспосабливается к новым условиям, оперативно меняет инструменты и изобретает нестандартные способы доставки ВПО до атакуемых организаций.

    habr.com/ru/companies/F6/artic

    #phantomcore #apt #kermit_rat #фишинговые_письма #киберразведка #threat_intelligence #mattermost #cyberstrike_ai #mashagent #sliver

  21. «Ждите гостей»: новые инструменты и тактики PhantomCore в атаках на российские компании

    На примере новой атаки PhantomCore - одной из главных киберугроз для российских и белорусских компаний - показываем, как группировка развивает свои инструменты и тактики, внедряет новое ВПО и расширяет спектр используемых технологий, включая AI-решения. Одна из главных особенностей PhantomCore – её постоянная изменчивость: эта АРТ-группа быстро приспосабливается к новым условиям, оперативно меняет инструменты и изобретает нестандартные способы доставки ВПО до атакуемых организаций.

    habr.com/ru/companies/F6/artic

    #phantomcore #apt #kermit_rat #фишинговые_письма #киберразведка #threat_intelligence #mattermost #cyberstrike_ai #mashagent #sliver

  22. Movie TV Tech Geeks #MovieNews #BasicInstinct #Sliver #TheHousemaid Sydney Sweeney’s New Erotic Thriller Just Beat Sharon Stone’s ‘Basic Instinct’ Follow-Up at the Box Office dlvr.it/TQ3k3X

  23. **‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC)**

    "_The Southern Levant saw significant use of silver during the final stages of the Middle Bronze Age, with the first silver-currency hoards appearing at Shiloh and Gezer (~ 1650/1600–1600/1550 BC), predating other regions. Although silver was temporarily replaced by gold in the Late Bronze Age, it re-emerged as the dominant form of money by the Late Bronze Age IIB, ~ 1300 BC, a status it retained until the end of the Iron Age (~ 600 BC), despite occasional shortages._"

    Eshel, T. ‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC). J World Prehist 38, 5 (2025). doi.org/10.1007/s10963-025-091.

    #OpenAccess #OA #Article #Archaeology #Archaeodons #History #BronzeAge #IronAge #Sliver #Money #Levant #NearEast #Academia @archaeodons

  24. **‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC)**

    "_The Southern Levant saw significant use of silver during the final stages of the Middle Bronze Age, with the first silver-currency hoards appearing at Shiloh and Gezer (~ 1650/1600–1600/1550 BC), predating other regions. Although silver was temporarily replaced by gold in the Late Bronze Age, it re-emerged as the dominant form of money by the Late Bronze Age IIB, ~ 1300 BC, a status it retained until the end of the Iron Age (~ 600 BC), despite occasional shortages._"

    Eshel, T. ‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC). J World Prehist 38, 5 (2025). doi.org/10.1007/s10963-025-091.

    #OpenAccess #OA #Article #Archaeology #Archaeodons #History #BronzeAge #IronAge #Sliver #Money #Levant #NearEast #Academia @archaeodons

  25. **‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC)**

    "_The Southern Levant saw significant use of silver during the final stages of the Middle Bronze Age, with the first silver-currency hoards appearing at Shiloh and Gezer (~ 1650/1600–1600/1550 BC), predating other regions. Although silver was temporarily replaced by gold in the Late Bronze Age, it re-emerged as the dominant form of money by the Late Bronze Age IIB, ~ 1300 BC, a status it retained until the end of the Iron Age (~ 600 BC), despite occasional shortages._"

    Eshel, T. ‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC). J World Prehist 38, 5 (2025). doi.org/10.1007/s10963-025-091.

    #OpenAccess #OA #Article #Archaeology #Archaeodons #History #BronzeAge #IronAge #Sliver #Money #Levant #NearEast #Academia @archaeodons

  26. **‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC)**

    "_The Southern Levant saw significant use of silver during the final stages of the Middle Bronze Age, with the first silver-currency hoards appearing at Shiloh and Gezer (~ 1650/1600–1600/1550 BC), predating other regions. Although silver was temporarily replaced by gold in the Late Bronze Age, it re-emerged as the dominant form of money by the Late Bronze Age IIB, ~ 1300 BC, a status it retained until the end of the Iron Age (~ 600 BC), despite occasional shortages._"

    Eshel, T. ‘Keseph’: The Use of Silver Money in the Southern Levant from the Middle Bronze Age to the End of the Iron Age (~ 2000–600 BC). J World Prehist 38, 5 (2025). doi.org/10.1007/s10963-025-091.

    #OpenAccess #OA #Article #Archaeology #Archaeodons #History #BronzeAge #IronAge #Sliver #Money #Levant #NearEast #Academia @archaeodons

  27. Nirvana’s “Sliver” is an eerie reversal of Marx’s adage that history repeats itself “first as tragedy, then as farce.” The song was always a deceptively rich tapestry, but time and fate have since added a layer of meaning even Kurt Cobain couldn’t have anticipated. What began as a tongue-in-cheek parody of childhood loneliness now reads like a ghostly premonition.
    #Sliver #Nirvana #Rock #Song #Lyrics #Analysis
    songreading.wordpress.com/2025

  28. Nirvana’s “Sliver” is an eerie reversal of Marx’s adage that history repeats itself “first as tragedy, then as farce.” The song was always a deceptively rich tapestry, but time and fate have since added a layer of meaning even Kurt Cobain couldn’t have anticipated. What began as a tongue-in-cheek parody of childhood loneliness now reads like a ghostly premonition.
    #Sliver #Nirvana #Rock #Song #Lyrics #Analysis
    songreading.wordpress.com/2025

  29. Nirvana’s “Sliver” is an eerie reversal of Marx’s adage that history repeats itself “first as tragedy, then as farce.” The song was always a deceptively rich tapestry, but time and fate have since added a layer of meaning even Kurt Cobain couldn’t have anticipated. What began as a tongue-in-cheek parody of childhood loneliness now reads like a ghostly premonition.
    #Sliver #Nirvana #Rock #Song #Lyrics #Analysis
    songreading.wordpress.com/2025

  30. Nirvana’s “Sliver” is an eerie reversal of Marx’s adage that history repeats itself “first as tragedy, then as farce.” The song was always a deceptively rich tapestry, but time and fate have since added a layer of meaning even Kurt Cobain couldn’t have anticipated. What began as a tongue-in-cheek parody of childhood loneliness now reads like a ghostly premonition.
    #Sliver #Nirvana #Rock #Song #Lyrics #Analysis
    songreading.wordpress.com/2025

  31. Nirvana’s “Sliver” is an eerie reversal of Marx’s adage that history repeats itself “first as tragedy, then as farce.” The song was always a deceptively rich tapestry, but time and fate have since added a layer of meaning even Kurt Cobain couldn’t have anticipated. What began as a tongue-in-cheek parody of childhood loneliness now reads like a ghostly premonition.
    #Sliver #Nirvana #Rock #Song #Lyrics #Analysis
    songreading.wordpress.com/2025

  32. Инструменты атакующих в 2023–2024 годах

    На конференции OFFZONE 2024, которая прошла в Москве в культурном центре ЗИЛ 22–23 августа, выступил наш сотрудник Семён Рогачёв, руководитель отдела реагирования на инциденты. Он рассказал, какие инструменты сегодня чаще всего используются в кибератаках на российскую Linux- и Windows-инфраструктуру, и объяснил, как эффективно отлавливать и отражать подобные атаки. Мы написали текст по мотивам этого доклада, обогатив его данными за конец 2024 года. Статья будет полезна для тех, кто занимается пентестами и реагированием на инциденты.

    habr.com/ru/companies/bastion/

    #GSocket #инструменты_хакеров #инструменты_для_атак_на_Linux #инструменты_для_атак_на_Windows #реагирование_на_инциденты #soc #расследование_инцидентов #Sliver #разведка_угроз #кибератаки_в_2024

  33. Инструменты атакующих в 2023–2024 годах

    На конференции OFFZONE 2024, которая прошла в Москве в культурном центре ЗИЛ 22–23 августа, выступил наш сотрудник Семён Рогачёв, руководитель отдела реагирования на инциденты. Он рассказал, какие инструменты сегодня чаще всего используются в кибератаках на российскую Linux- и Windows-инфраструктуру, и объяснил, как эффективно отлавливать и отражать подобные атаки. Мы написали текст по мотивам этого доклада, обогатив его данными за конец 2024 года. Статья будет полезна для тех, кто занимается пентестами и реагированием на инциденты.

    habr.com/ru/companies/bastion/

    #GSocket #инструменты_хакеров #инструменты_для_атак_на_Linux #инструменты_для_атак_на_Windows #реагирование_на_инциденты #soc #расследование_инцидентов #Sliver #разведка_угроз #кибератаки_в_2024

  34. Инструменты атакующих в 2023–2024 годах

    На конференции OFFZONE 2024, которая прошла в Москве в культурном центре ЗИЛ 22–23 августа, выступил наш сотрудник Семён Рогачёв, руководитель отдела реагирования на инциденты. Он рассказал, какие инструменты сегодня чаще всего используются в кибератаках на российскую Linux- и Windows-инфраструктуру, и объяснил, как эффективно отлавливать и отражать подобные атаки. Мы написали текст по мотивам этого доклада, обогатив его данными за конец 2024 года. Статья будет полезна для тех, кто занимается пентестами и реагированием на инциденты.

    habr.com/ru/companies/bastion/

    #GSocket #инструменты_хакеров #инструменты_для_атак_на_Linux #инструменты_для_атак_на_Windows #реагирование_на_инциденты #soc #расследование_инцидентов #Sliver #разведка_угроз #кибератаки_в_2024

  35. Инструменты атакующих в 2023–2024 годах

    На конференции OFFZONE 2024, которая прошла в Москве в культурном центре ЗИЛ 22–23 августа, выступил наш сотрудник Семён Рогачёв, руководитель отдела реагирования на инциденты. Он рассказал, какие инструменты сегодня чаще всего используются в кибератаках на российскую Linux- и Windows-инфраструктуру, и объяснил, как эффективно отлавливать и отражать подобные атаки. Мы написали текст по мотивам этого доклада, обогатив его данными за конец 2024 года. Статья будет полезна для тех, кто занимается пентестами и реагированием на инциденты.

    habr.com/ru/companies/bastion/

    #GSocket #инструменты_хакеров #инструменты_для_атак_на_Linux #инструменты_для_атак_на_Windows #реагирование_на_инциденты #soc #расследование_инцидентов #Sliver #разведка_угроз #кибератаки_в_2024

  36. Play Ransomware Engagement

    Unit 42 has identified Jumpy Pisces, a North Korean state-sponsored threat group, as a key player in a recent ransomware incident. The group appears to be collaborating with the Play ransomware group, marking a shift in their tactics. This is the first observed instance of Jumpy Pisces using existing ransomware infrastructure, potentially acting as an initial access broker or an affiliate. The attack timeline spans from May to September 2024, involving initial access through a compromised user account, lateral movement, and persistence using tools like Sliver and DTrack. The incident culminated in the deployment of Play ransomware in early September. This collaboration signals deeper involvement of North Korean threat actors in the broader ransomware landscape, potentially leading to more widespread and damaging attacks globally.

    Pulse ID: 67225f8455c324e956f9ebc1
    Pulse Link: otx.alienvault.com/pulse/67225
    Pulse Author: AlienVault
    Created: 2024-10-30 16:32:04

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #ICS #InfoSec #Korea #NorthKorea #OTX #OpenThreatExchange #PlayRansomware #RAT #RansomWare #Sliver #Unit42 #bot #AlienVault

  37. MimiStick — imitators of Sticky Werewolf

    F.A.C.C.T. Threat Intelligence discovered a malicious file targeting Russian defense industry enterprises. Initially thought to be the work of Sticky Werewolf, further analysis revealed a new threat actor named MimiStick. The attack used a PDF lure mimicking a letter from the Russian Ministry of Labor. The malware employed a multi-stage infection chain, ultimately deploying a Sliver implant. Later findings confirmed the campaign was indeed Sticky Werewolf, who had expanded their toolkit to include Sliver implant alongside their existing Quasar RAT. The group registered multiple domains, including one impersonating the Ministry of Labor, likely for future phishing campaigns.

    Pulse ID: 66f6e5caacbbdd830c3f1c8c
    Pulse Link: otx.alienvault.com/pulse/66f6e
    Pulse Author: AlienVault
    Created: 2024-09-27 17:05:14

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #Malware #Mimic #OTX #OpenThreatExchange #PDF #Phishing #RAT #Russia #Sliver #StickyWerewolf #bot #AlienVault