home.social

#threat-intelligence — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #threat-intelligence, aggregated by home.social.

fetched live
  1. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: shw-fr.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: lh-wohnverbund-wohnen-nrw.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: stedwardscatholicfirstschool.co.uk
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: rtngmbh.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: knobel-bau.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: caritas-koblenz.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: bmiprojects.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: matrixwebagency.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: hahn-airport.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  2. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: shw-fr.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: lh-wohnverbund-wohnen-nrw.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: stedwardscatholicfirstschool.co.uk
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: rtngmbh.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: knobel-bau.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: caritas-koblenz.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: bmiprojects.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: matrixwebagency.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: hahn-airport.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  3. 🚨New ransom group blog posts!🚨

    Group name: Booba Project
    Post title: Edwards_Michael.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: canvas.png
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: Bob_Saffari_Social_Security_Card.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: BL_License.pdf
    Info: cti.fyi/groups/Booba Project.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  4. 🚨New ransom group blog posts!🚨

    Group name: Booba Project
    Post title: Edwards_Michael.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: canvas.png
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: Bob_Saffari_Social_Security_Card.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: BL_License.pdf
    Info: cti.fyi/groups/Booba Project.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  5. We track algorithms that generate domain names (RDGA). Now we're looking at one that generates the content. It's a strange collision of domain parking and AI generated nonsense.

    A portfolio of parked domains, each with a wildcard DNS record and a backend that serves pre-generated AI content for specific keyword combinations:

    - insurance.howtomakeasmoothie[.]com → "Why You Need Insurance When Making Smoothies"
    - insurance.backsplashdesign[.]com → "A Guide to Backsplash Insurance"
    - yacht.insurance.backpainmedication[.]com → a wellness journey involving sailing, spinal health, and coverage options

    The subdomain labels are the content brief. The domain topic is the flavour. The result is grammatically sound, mildly persuasive, and reads like it was written by someone who has heard of both topics but has never encountered either. It's AI slop at its finest. The article on smoothie insurance confidently recommends coverage "for peace of mind." The one on backsplash insurance suggests you may need a specialist endorsement. Nobody proofread these. Nobody needed to — the target audience is a crawler, not a person, and crawlers don't find non-sequiturs suspicious.

    One template, one analytics pixel (stats.computer[.]com), one CDN (images.computer[.]com) — repeated across what appears to be a large portfolio of parked-for-sale domains, each advertising itself for sale in the page header while the AI content quietly earns its keep.

    Unknown subdomains redirect to the parking marketplace. Only the pre-generated keyword combinations serve content — "insurance" being the obvious choice at the CPM rates that keyword commands.

    We're not flagging a threat. It's the technique that's worth noting as an indicator of where we could be headed. RDGAs generate domain names at scale to serve malware or evade detection. This applies the same logic to content. And the wildcard DNS backend is already exactly what you'd need for the next step: on-demand generation, where a query could produce a fresh AI-written page in real time. That capability exists now. It just isn't what's running here. Yet.

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #adtech #rdga

  6. We track algorithms that generate domain names (RDGA). Now we're looking at one that generates the content. It's a strange collision of domain parking and AI generated nonsense.

    A portfolio of parked domains, each with a wildcard DNS record and a backend that serves pre-generated AI content for specific keyword combinations:

    - insurance.howtomakeasmoothie[.]com → "Why You Need Insurance When Making Smoothies"
    - insurance.backsplashdesign[.]com → "A Guide to Backsplash Insurance"
    - yacht.insurance.backpainmedication[.]com → a wellness journey involving sailing, spinal health, and coverage options

    The subdomain labels are the content brief. The domain topic is the flavour. The result is grammatically sound, mildly persuasive, and reads like it was written by someone who has heard of both topics but has never encountered either. It's AI slop at its finest. The article on smoothie insurance confidently recommends coverage "for peace of mind." The one on backsplash insurance suggests you may need a specialist endorsement. Nobody proofread these. Nobody needed to — the target audience is a crawler, not a person, and crawlers don't find non-sequiturs suspicious.

    One template, one analytics pixel (stats.computer[.]com), one CDN (images.computer[.]com) — repeated across what appears to be a large portfolio of parked-for-sale domains, each advertising itself for sale in the page header while the AI content quietly earns its keep.

    Unknown subdomains redirect to the parking marketplace. Only the pre-generated keyword combinations serve content — "insurance" being the obvious choice at the CPM rates that keyword commands.

    We're not flagging a threat. It's the technique that's worth noting as an indicator of where we could be headed. RDGAs generate domain names at scale to serve malware or evade detection. This applies the same logic to content. And the wildcard DNS backend is already exactly what you'd need for the next step: on-demand generation, where a query could produce a fresh AI-written page in real time. That capability exists now. It just isn't what's running here. Yet.

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #adtech #rdga

  7. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: Answer Precision Tool
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Precision Steel Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Keystone Homes
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  8. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: Answer Precision Tool
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Precision Steel Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Keystone Homes
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  9. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: LabelDaddy
    Info: cti.fyi/groups/qilin.html

    Group name: ransomhouse
    Post title: [DISCLOSED]Prince George County
    Info: cti.fyi/groups/ransomhouse.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  10. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: LabelDaddy
    Info: cti.fyi/groups/qilin.html

    Group name: ransomhouse
    Post title: [DISCLOSED]Prince George County
    Info: cti.fyi/groups/ransomhouse.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  11. 🚨New ransom group blog posts!🚨

    Group name: genesis
    Post title: East Texas Family Medicine
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Synergy Interactive
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Dunagan Associates
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Westgate
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: SBI Software
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Bri-Tech, Inc
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Mirage Endoscopy Center
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Apex Agro, LLC
    Info: cti.fyi/groups/genesis.html

    Group name: payload
    Post title: Vela Film S.r.l.
    Info: cti.fyi/groups/payload.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  12. 🚨New ransom group blog posts!🚨

    Group name: genesis
    Post title: East Texas Family Medicine
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Synergy Interactive
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Dunagan Associates
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Westgate
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: SBI Software
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Bri-Tech, Inc
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Mirage Endoscopy Center
    Info: cti.fyi/groups/genesis.html

    Group name: genesis
    Post title: Apex Agro, LLC
    Info: cti.fyi/groups/genesis.html

    Group name: payload
    Post title: Vela Film S.r.l.
    Info: cti.fyi/groups/payload.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  13. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: TQ Financial Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Sisint
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Sitmatic
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Goodwill Manasota
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Md Lewis
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  14. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: TQ Financial Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Sisint
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Sitmatic
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Goodwill Manasota
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Md Lewis
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  15. 🚨New ransom group blog posts!🚨

    Group name: pear
    Post title: CNW Electronics Pte Ltd
    Info: cti.fyi/groups/pear.html

    Group name: pear
    Post title: AC Beverage, Inc.
    Info: cti.fyi/groups/pear.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  16. 🚨New ransom group blog posts!🚨

    Group name: pear
    Post title: CNW Electronics Pte Ltd
    Info: cti.fyi/groups/pear.html

    Group name: pear
    Post title: AC Beverage, Inc.
    Info: cti.fyi/groups/pear.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  17. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: tricountyhs.org
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: tambasa.com
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: hamilton-eye.com
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  18. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: tricountyhs.org
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: tambasa.com
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: hamilton-eye.com
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  19. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: ezortea.com.br
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: carvalima.com.br
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: acworth-ga.gov
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  20. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: ezortea.com.br
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: carvalima.com.br
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: acworth-ga.gov
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  21. 🚨New ransom group blog posts!🚨

    Group name: worldleaks
    Post title: Treet Group of Companies
    Info: cti.fyi/groups/worldleaks.html

    Group name: worldleaks
    Post title: Service IT
    Info: cti.fyi/groups/worldleaks.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  22. 🚨New ransom group blog posts!🚨

    Group name: worldleaks
    Post title: Treet Group of Companies
    Info: cti.fyi/groups/worldleaks.html

    Group name: worldleaks
    Post title: Service IT
    Info: cti.fyi/groups/worldleaks.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  23. 🔐 Another milestone for RELIANOID!

    We've now reported 33,000+ malicious IP addresses to AbuseIPDB, helping improve global threat intelligence and strengthen cybersecurity for everyone.

    As an open-source company, we believe security is a shared responsibility. We'll keep contributing to a safer, more resilient Internet through responsible threat reporting and community collaboration. 💙

    relianoid.com/security-complia

  24. 🚨New ransom group blog post!🚨

    Group name: incransom
    Post title: Colorado Rehabilitation and Occupational Medicine
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  25. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: eaglecrestlife.org
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: dia179.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: awo-suedost.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec