home.social

#threat-intelligence — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #threat-intelligence, aggregated by home.social.

fetched live
  1. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: samberger24.de
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: tecnocurva.com.br
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  2. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: samberger24.de
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: tecnocurva.com.br
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  3. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: samberger24.de
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: tecnocurva.com.br
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  4. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: samberger24.de
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: tecnocurva.com.br
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  5. 🚨New ransom group blog posts!🚨

    Group name: incransom
    Post title: samberger24.de
    Info: cti.fyi/groups/incransom.html

    Group name: incransom
    Post title: tecnocurva.com.br
    Info: cti.fyi/groups/incransom.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  6. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: shw-fr.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: lh-wohnverbund-wohnen-nrw.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: stedwardscatholicfirstschool.co.uk
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: rtngmbh.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: knobel-bau.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: caritas-koblenz.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: bmiprojects.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: matrixwebagency.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: hahn-airport.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  7. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: shw-fr.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: lh-wohnverbund-wohnen-nrw.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: stedwardscatholicfirstschool.co.uk
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: rtngmbh.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: knobel-bau.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: caritas-koblenz.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: bmiprojects.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: matrixwebagency.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: hahn-airport.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  8. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: shw-fr.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: lh-wohnverbund-wohnen-nrw.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: stedwardscatholicfirstschool.co.uk
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: rtngmbh.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: knobel-bau.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: caritas-koblenz.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: bmiprojects.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: matrixwebagency.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: hahn-airport.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  9. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: shw-fr.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: lh-wohnverbund-wohnen-nrw.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: stedwardscatholicfirstschool.co.uk
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: rtngmbh.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: knobel-bau.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: caritas-koblenz.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: bmiprojects.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: matrixwebagency.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: hahn-airport.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  10. 🚨New ransom group blog posts!🚨

    Group name: safepay
    Post title: shw-fr.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: lh-wohnverbund-wohnen-nrw.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: stedwardscatholicfirstschool.co.uk
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: rtngmbh.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: knobel-bau.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: caritas-koblenz.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: bmiprojects.de
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: matrixwebagency.com
    Info: cti.fyi/groups/safepay.html

    Group name: safepay
    Post title: hahn-airport.de
    Info: cti.fyi/groups/safepay.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  11. 🚨New ransom group blog posts!🚨

    Group name: Booba Project
    Post title: Edwards_Michael.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: canvas.png
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: Bob_Saffari_Social_Security_Card.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: BL_License.pdf
    Info: cti.fyi/groups/Booba Project.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  12. 🚨New ransom group blog posts!🚨

    Group name: Booba Project
    Post title: Edwards_Michael.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: canvas.png
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: Bob_Saffari_Social_Security_Card.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: BL_License.pdf
    Info: cti.fyi/groups/Booba Project.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  13. 🚨New ransom group blog posts!🚨

    Group name: Booba Project
    Post title: Edwards_Michael.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: canvas.png
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: Bob_Saffari_Social_Security_Card.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: BL_License.pdf
    Info: cti.fyi/groups/Booba Project.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  14. 🚨New ransom group blog posts!🚨

    Group name: Booba Project
    Post title: Edwards_Michael.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: canvas.png
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: Bob_Saffari_Social_Security_Card.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: BL_License.pdf
    Info: cti.fyi/groups/Booba Project.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  15. 🚨New ransom group blog posts!🚨

    Group name: Booba Project
    Post title: Edwards_Michael.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: canvas.png
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: Bob_Saffari_Social_Security_Card.pdf
    Info: cti.fyi/groups/Booba Project.html

    Group name: Booba Project
    Post title: BL_License.pdf
    Info: cti.fyi/groups/Booba Project.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  16. We track algorithms that generate domain names (RDGA). Now we're looking at one that generates the content. It's a strange collision of domain parking and AI generated nonsense.

    A portfolio of parked domains, each with a wildcard DNS record and a backend that serves pre-generated AI content for specific keyword combinations:

    - insurance.howtomakeasmoothie[.]com → "Why You Need Insurance When Making Smoothies"
    - insurance.backsplashdesign[.]com → "A Guide to Backsplash Insurance"
    - yacht.insurance.backpainmedication[.]com → a wellness journey involving sailing, spinal health, and coverage options

    The subdomain labels are the content brief. The domain topic is the flavour. The result is grammatically sound, mildly persuasive, and reads like it was written by someone who has heard of both topics but has never encountered either. It's AI slop at its finest. The article on smoothie insurance confidently recommends coverage "for peace of mind." The one on backsplash insurance suggests you may need a specialist endorsement. Nobody proofread these. Nobody needed to — the target audience is a crawler, not a person, and crawlers don't find non-sequiturs suspicious.

    One template, one analytics pixel (stats.computer[.]com), one CDN (images.computer[.]com) — repeated across what appears to be a large portfolio of parked-for-sale domains, each advertising itself for sale in the page header while the AI content quietly earns its keep.

    Unknown subdomains redirect to the parking marketplace. Only the pre-generated keyword combinations serve content — "insurance" being the obvious choice at the CPM rates that keyword commands.

    We're not flagging a threat. It's the technique that's worth noting as an indicator of where we could be headed. RDGAs generate domain names at scale to serve malware or evade detection. This applies the same logic to content. And the wildcard DNS backend is already exactly what you'd need for the next step: on-demand generation, where a query could produce a fresh AI-written page in real time. That capability exists now. It just isn't what's running here. Yet.

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #adtech #rdga

  17. We track algorithms that generate domain names (RDGA). Now we're looking at one that generates the content. It's a strange collision of domain parking and AI generated nonsense.

    A portfolio of parked domains, each with a wildcard DNS record and a backend that serves pre-generated AI content for specific keyword combinations:

    - insurance.howtomakeasmoothie[.]com → "Why You Need Insurance When Making Smoothies"
    - insurance.backsplashdesign[.]com → "A Guide to Backsplash Insurance"
    - yacht.insurance.backpainmedication[.]com → a wellness journey involving sailing, spinal health, and coverage options

    The subdomain labels are the content brief. The domain topic is the flavour. The result is grammatically sound, mildly persuasive, and reads like it was written by someone who has heard of both topics but has never encountered either. It's AI slop at its finest. The article on smoothie insurance confidently recommends coverage "for peace of mind." The one on backsplash insurance suggests you may need a specialist endorsement. Nobody proofread these. Nobody needed to — the target audience is a crawler, not a person, and crawlers don't find non-sequiturs suspicious.

    One template, one analytics pixel (stats.computer[.]com), one CDN (images.computer[.]com) — repeated across what appears to be a large portfolio of parked-for-sale domains, each advertising itself for sale in the page header while the AI content quietly earns its keep.

    Unknown subdomains redirect to the parking marketplace. Only the pre-generated keyword combinations serve content — "insurance" being the obvious choice at the CPM rates that keyword commands.

    We're not flagging a threat. It's the technique that's worth noting as an indicator of where we could be headed. RDGAs generate domain names at scale to serve malware or evade detection. This applies the same logic to content. And the wildcard DNS backend is already exactly what you'd need for the next step: on-demand generation, where a query could produce a fresh AI-written page in real time. That capability exists now. It just isn't what's running here. Yet.

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #adtech #rdga

  18. We track algorithms that generate domain names (RDGA). Now we're looking at one that generates the content. It's a strange collision of domain parking and AI generated nonsense.

    A portfolio of parked domains, each with a wildcard DNS record and a backend that serves pre-generated AI content for specific keyword combinations:

    - insurance.howtomakeasmoothie[.]com → "Why You Need Insurance When Making Smoothies"
    - insurance.backsplashdesign[.]com → "A Guide to Backsplash Insurance"
    - yacht.insurance.backpainmedication[.]com → a wellness journey involving sailing, spinal health, and coverage options

    The subdomain labels are the content brief. The domain topic is the flavour. The result is grammatically sound, mildly persuasive, and reads like it was written by someone who has heard of both topics but has never encountered either. It's AI slop at its finest. The article on smoothie insurance confidently recommends coverage "for peace of mind." The one on backsplash insurance suggests you may need a specialist endorsement. Nobody proofread these. Nobody needed to — the target audience is a crawler, not a person, and crawlers don't find non-sequiturs suspicious.

    One template, one analytics pixel (stats.computer[.]com), one CDN (images.computer[.]com) — repeated across what appears to be a large portfolio of parked-for-sale domains, each advertising itself for sale in the page header while the AI content quietly earns its keep.

    Unknown subdomains redirect to the parking marketplace. Only the pre-generated keyword combinations serve content — "insurance" being the obvious choice at the CPM rates that keyword commands.

    We're not flagging a threat. It's the technique that's worth noting as an indicator of where we could be headed. RDGAs generate domain names at scale to serve malware or evade detection. This applies the same logic to content. And the wildcard DNS backend is already exactly what you'd need for the next step: on-demand generation, where a query could produce a fresh AI-written page in real time. That capability exists now. It just isn't what's running here. Yet.

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #adtech #rdga

  19. We track algorithms that generate domain names (RDGA). Now we're looking at one that generates the content. It's a strange collision of domain parking and AI generated nonsense.

    A portfolio of parked domains, each with a wildcard DNS record and a backend that serves pre-generated AI content for specific keyword combinations:

    - insurance.howtomakeasmoothie[.]com → "Why You Need Insurance When Making Smoothies"
    - insurance.backsplashdesign[.]com → "A Guide to Backsplash Insurance"
    - yacht.insurance.backpainmedication[.]com → a wellness journey involving sailing, spinal health, and coverage options

    The subdomain labels are the content brief. The domain topic is the flavour. The result is grammatically sound, mildly persuasive, and reads like it was written by someone who has heard of both topics but has never encountered either. It's AI slop at its finest. The article on smoothie insurance confidently recommends coverage "for peace of mind." The one on backsplash insurance suggests you may need a specialist endorsement. Nobody proofread these. Nobody needed to — the target audience is a crawler, not a person, and crawlers don't find non-sequiturs suspicious.

    One template, one analytics pixel (stats.computer[.]com), one CDN (images.computer[.]com) — repeated across what appears to be a large portfolio of parked-for-sale domains, each advertising itself for sale in the page header while the AI content quietly earns its keep.

    Unknown subdomains redirect to the parking marketplace. Only the pre-generated keyword combinations serve content — "insurance" being the obvious choice at the CPM rates that keyword commands.

    We're not flagging a threat. It's the technique that's worth noting as an indicator of where we could be headed. RDGAs generate domain names at scale to serve malware or evade detection. This applies the same logic to content. And the wildcard DNS backend is already exactly what you'd need for the next step: on-demand generation, where a query could produce a fresh AI-written page in real time. That capability exists now. It just isn't what's running here. Yet.

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #adtech #rdga

  20. We track algorithms that generate domain names (RDGA). Now we're looking at one that generates the content. It's a strange collision of domain parking and AI generated nonsense.

    A portfolio of parked domains, each with a wildcard DNS record and a backend that serves pre-generated AI content for specific keyword combinations:

    - insurance.howtomakeasmoothie[.]com → "Why You Need Insurance When Making Smoothies"
    - insurance.backsplashdesign[.]com → "A Guide to Backsplash Insurance"
    - yacht.insurance.backpainmedication[.]com → a wellness journey involving sailing, spinal health, and coverage options

    The subdomain labels are the content brief. The domain topic is the flavour. The result is grammatically sound, mildly persuasive, and reads like it was written by someone who has heard of both topics but has never encountered either. It's AI slop at its finest. The article on smoothie insurance confidently recommends coverage "for peace of mind." The one on backsplash insurance suggests you may need a specialist endorsement. Nobody proofread these. Nobody needed to — the target audience is a crawler, not a person, and crawlers don't find non-sequiturs suspicious.

    One template, one analytics pixel (stats.computer[.]com), one CDN (images.computer[.]com) — repeated across what appears to be a large portfolio of parked-for-sale domains, each advertising itself for sale in the page header while the AI content quietly earns its keep.

    Unknown subdomains redirect to the parking marketplace. Only the pre-generated keyword combinations serve content — "insurance" being the obvious choice at the CPM rates that keyword commands.

    We're not flagging a threat. It's the technique that's worth noting as an indicator of where we could be headed. RDGAs generate domain names at scale to serve malware or evade detection. This applies the same logic to content. And the wildcard DNS backend is already exactly what you'd need for the next step: on-demand generation, where a query could produce a fresh AI-written page in real time. That capability exists now. It just isn't what's running here. Yet.

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #adtech #rdga

  21. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: Answer Precision Tool
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Precision Steel Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Keystone Homes
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  22. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: Answer Precision Tool
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Precision Steel Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Keystone Homes
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  23. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: Answer Precision Tool
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Precision Steel Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Keystone Homes
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  24. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: Answer Precision Tool
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Precision Steel Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Keystone Homes
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  25. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: Answer Precision Tool
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Precision Steel Services
    Info: cti.fyi/groups/qilin.html

    Group name: qilin
    Post title: Keystone Homes
    Info: cti.fyi/groups/qilin.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  26. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: LabelDaddy
    Info: cti.fyi/groups/qilin.html

    Group name: ransomhouse
    Post title: [DISCLOSED]Prince George County
    Info: cti.fyi/groups/ransomhouse.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  27. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: LabelDaddy
    Info: cti.fyi/groups/qilin.html

    Group name: ransomhouse
    Post title: [DISCLOSED]Prince George County
    Info: cti.fyi/groups/ransomhouse.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  28. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: LabelDaddy
    Info: cti.fyi/groups/qilin.html

    Group name: ransomhouse
    Post title: [DISCLOSED]Prince George County
    Info: cti.fyi/groups/ransomhouse.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  29. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: LabelDaddy
    Info: cti.fyi/groups/qilin.html

    Group name: ransomhouse
    Post title: [DISCLOSED]Prince George County
    Info: cti.fyi/groups/ransomhouse.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  30. 🚨New ransom group blog posts!🚨

    Group name: qilin
    Post title: LabelDaddy
    Info: cti.fyi/groups/qilin.html

    Group name: ransomhouse
    Post title: [DISCLOSED]Prince George County
    Info: cti.fyi/groups/ransomhouse.html

    #ransomware #cti #threatintelligence #cybersecurity #infosec

  31. Most teams spend 45–90 minutes translating a CISA advisory.
    We eliminated that delay.

    TheCyberMind™ delivers deployable defensive intelligence in minutes — executive and technical layers included.

    TheCyberMind™ Premium Threat Intel Feed is now live.

    Access here:
    thecybermind.co/the-cyber-mind

    #cybersecurity #threatintelligence

  32. Most teams spend 45–90 minutes translating a CISA advisory.
    We eliminated that delay.

    TheCyberMind™ delivers deployable defensive intelligence in minutes — executive and technical layers included.

    TheCyberMind™ Premium Threat Intel Feed is now live.

    Access here:
    thecybermind.co/the-cyber-mind

    #cybersecurity #threatintelligence