#threatintel — Public Fediverse posts

[SHADOWBYT3$] - Ransomware Victim: Hotelogix - https://www.redpacketsecurity.com/shadowbyt3-ransomware-victim-hotelogix/

#shadowbyt3 #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[QILIN] - Ransomware Victim: Schulte-Lindhorst GmbH & Co[.] - https://www.redpacketsecurity.com/qilin-ransomware-victim-schulte-lindhorst-gmbh-co/

#qilin #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[SHADOWBYT3$] - Ransomware Victim: University Of Georgia - https://www.redpacketsecurity.com/shadowbyt3-ransomware-victim-university-of-georgia/

#shadowbyt3 #dark_web #data_breach #OSINT #ransomware #threatintel #tor

New.

Microsoft: Kazuar: Anatomy of a nation-state botnet https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/ #Microsoft #infosec #botnet #threatintel #threatintelligence #malware

[AKIRA] - Ransomware Victim: Institute of PrivateEnterprise Development - https://www.redpacketsecurity.com/akira-ransomware-victim-institute-of-privateenterprise-development/

#akira #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[ABYSS] - Ransomware Victim: technic[.]com - https://www.redpacketsecurity.com/abyss-ransomware-victim-technic-com/

#abyss #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[CMDORGANIZATION] - Ransomware Victim: Goodstone Group - https://www.redpacketsecurity.com/cmdorganization-ransomware-victim-goodstone-group/

#cmdorganization #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[QILIN] - Ransomware Victim: Fab-Masters - https://www.redpacketsecurity.com/qilin-ransomware-victim-fab-masters/

#qilin #dark_web #data_breach #OSINT #ransomware #threatintel #tor

Stolen phones - and specifically iPhones - have robust anti-theft protections. They are worthless once they're flagged - locked to their owner. So why are millions still being stolen every year?
In this paper, we uncover a thriving underground marketplace focused on unlocking stolen phones. It is powered by:

Lookalike domains impersonating Apple, Xiaomi, Samsung and other brands
Smishing campaigns targeting device owners
Pay‑as‑you‑go “unlocking” tools sold on Telegram
By pivoting on DNS data, we identified 10,000+ malicious domains and a growing ecosystem turning locked devices into profit at scale.

👉 Read how this supply chain works—from theft to resale—and why it’s growing fast. https://www.infoblox.com/blog/threat-intelligence/lookalike-domains-expose-the-iphone-theft-economy/

#ThreatIntel #CyberSecurity #Phishing #MobileSecurity #iOS #Smishing #dns #threatintelligence #cybercrime #infosec #infoblox #infobloxthreatintel #threatintelligence #cybercrime  #infosec #infoblox #infobloxthreatintel

Stolen phones - and specifically iPhones - have robust anti-theft protections. They are worthless once they're flagged - locked to their owner. So why are millions still being stolen every year?
In this paper, we uncover a thriving underground marketplace focused on unlocking stolen phones. It is powered by:

Lookalike domains impersonating Apple, Xiaomi, Samsung and other brands
Smishing campaigns targeting device owners
Pay‑as‑you‑go “unlocking” tools sold on Telegram
By pivoting on DNS data, we identified 10,000+ malicious domains and a growing ecosystem turning locked devices into profit at scale.

👉 Read how this supply chain works—from theft to resale—and why it’s growing fast. https://www.infoblox.com/blog/threat-intelligence/lookalike-domains-expose-the-iphone-theft-economy/

#ThreatIntel #CyberSecurity #Phishing #MobileSecurity #iOS #Smishing #dns #threatintelligence #cybercrime #infosec #infoblox #infobloxthreatintel #threatintelligence #cybercrime  #infosec #infoblox #infobloxthreatintel

Stolen phones - and specifically iPhones - have robust anti-theft protections. They are worthless once they're flagged - locked to their owner. So why are millions still being stolen every year?
In this paper, we uncover a thriving underground marketplace focused on unlocking stolen phones. It is powered by:

Lookalike domains impersonating Apple, Xiaomi, Samsung and other brands
Smishing campaigns targeting device owners
Pay‑as‑you‑go “unlocking” tools sold on Telegram
By pivoting on DNS data, we identified 10,000+ malicious domains and a growing ecosystem turning locked devices into profit at scale.

👉 Read how this supply chain works—from theft to resale—and why it’s growing fast. https://www.infoblox.com/blog/threat-intelligence/lookalike-domains-expose-the-iphone-theft-economy/

#ThreatIntel #CyberSecurity #Phishing #MobileSecurity #iOS #Smishing #dns #threatintelligence #cybercrime #infosec #infoblox #infobloxthreatintel #threatintelligence #cybercrime  #infosec #infoblox #infobloxthreatintel

Stolen phones - and specifically iPhones - have robust anti-theft protections. They are worthless once they're flagged - locked to their owner. So why are millions still being stolen every year?
In this paper, we uncover a thriving underground marketplace focused on unlocking stolen phones. It is powered by:

Lookalike domains impersonating Apple, Xiaomi, Samsung and other brands
Smishing campaigns targeting device owners
Pay‑as‑you‑go “unlocking” tools sold on Telegram
By pivoting on DNS data, we identified 10,000+ malicious domains and a growing ecosystem turning locked devices into profit at scale.

👉 Read how this supply chain works—from theft to resale—and why it’s growing fast. https://www.infoblox.com/blog/threat-intelligence/lookalike-domains-expose-the-iphone-theft-economy/

#ThreatIntel #CyberSecurity #Phishing #MobileSecurity #iOS #Smishing #dns #threatintelligence #cybercrime #infosec #infoblox #infobloxthreatintel #threatintelligence #cybercrime  #infosec #infoblox #infobloxthreatintel

[MORPHEUS] - Ransomware Victim: BAYTECH A/S - https://www.redpacketsecurity.com/morpheus-ransomware-victim-baytech-a-s/

#morpheus #dark_web #data_breach #OSINT #ransomware #threatintel #tor

GoPhish Login Page Detected - 108[.]162[.]67[.]124:443 - https://www.redpacketsecurity.com/gophish-login-detected-108-162-67-124-port-443/

#GoPhish #OSINT #ThreatIntel

Critical Vulnerabilities in Palo Alto Networks PAN-OS - https://www.redpacketsecurity.com/csa-gov-sg-critical-vulnerabilities-in-palo-alto-networks-pan-os-14-05-2026/

#threatintel #osint

[CMDORGANIZATION] - Ransomware Victim: Ira & Larry Goldberg Coins & Collectibles - https://www.redpacketsecurity.com/cmdorganization-ransomware-victim-ira-larry-goldberg-coins-collectibles/

#cmdorganization #dark_web #data_breach #OSINT #ransomware #threatintel #tor

NGINX POC available
#threatintel #cve

https://depthfirst.com/research/nginx-rift-achieving-nginx-rce-via-an-18-year-old-vulnerability

https://github.com/depthfirstdisclosures/nginx-rift

Sliver C2 Detected - 51[.]195[.]119[.]119:31337 - https://www.redpacketsecurity.com/sliver-c2-detected-51-195-119-119-port-31337/

#SliverC2 #OSINT #ThreatIntel

Sliver C2 Detected - 45[.]66[.]248[.]233:31337 - https://www.redpacketsecurity.com/sliver-c2-detected-45-66-248-233-port-31337/

#SliverC2 #OSINT #ThreatIntel

Sliver C2 Detected - 147[.]182[.]231[.]214:1337 - https://www.redpacketsecurity.com/sliver-c2-detected-147-182-231-214-port-1337/

#SliverC2 #OSINT #ThreatIntel

[KILLSEC] - Ransomware Victim: dsdlawfirm[.]com - https://www.redpacketsecurity.com/killsec-ransomware-victim-dsdlawfirm-com/

#killsec #dark_web #data_breach #OSINT #ransomware #threatintel #tor

Canada Life - 237,810 breached accounts - https://www.redpacketsecurity.com/canada-life-237-810-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Cushman & Wakefield - 310,431 breached accounts - https://www.redpacketsecurity.com/cushman-wakefield-310-431-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Cushman & Wakefield - 310,431 breached accounts - https://www.redpacketsecurity.com/cushman-wakefield-310-431-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Canada Life - 237,810 breached accounts - https://www.redpacketsecurity.com/canada-life-237-810-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Canada Life - 237,810 breached accounts - https://www.redpacketsecurity.com/canada-life-237-810-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Cushman & Wakefield - 310,431 breached accounts - https://www.redpacketsecurity.com/cushman-wakefield-310-431-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Cushman & Wakefield - 310,431 breached accounts - https://www.redpacketsecurity.com/cushman-wakefield-310-431-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Canada Life - 237,810 breached accounts - https://www.redpacketsecurity.com/canada-life-237-810-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Canada Life - 237,810 breached accounts - https://www.redpacketsecurity.com/canada-life-237-810-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Cushman & Wakefield - 310,431 breached accounts - https://www.redpacketsecurity.com/cushman-wakefield-310-431-breached-accounts/

#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt

Brute Ratel C4 Detected - 54[.]249[.]68[.]148:80 - https://www.redpacketsecurity.com/brute-ratel-c4-detected-54-249-68-148-port-80/

#BruteRatelC4Detected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 47[.]105[.]36[.]109:443 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-47-105-36-109-port-443-25/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 117[.]72[.]175[.]125:8087 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-117-72-175-125-port-8087-24/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 101[.]35[.]95[.]103:4444 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-101-35-95-103-port-4444-17/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 143[.]92[.]43[.]231:8011 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-143-92-43-231-port-8011-40/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 154[.]89[.]152[.]200:443 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-154-89-152-200-port-443/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 143[.]92[.]43[.]153:8011 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-143-92-43-153-port-8011-38/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 115[.]191[.]25[.]159:7777 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-115-191-25-159-port-7777-17/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 143[.]92[.]43[.]246:8011 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-143-92-43-246-port-8011-36/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

Cobalt Strike Beacon Detected - 158[.]94[.]173[.]11:12345 - https://www.redpacketsecurity.com/cobalt-strike-beacon-detected-158-94-173-11-port-12345/

#CobaltStrikeBeaconDetected #OSINT #ThreatIntel

[STORMOUS] - Ransomware Victim: ttt[.]vn UPDATE-FULL DATA DUMP - https://www.redpacketsecurity.com/stormous-ransomware-victim-ttt-vn-update-full-data-dump/

#stormous #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[STORMOUS] - Ransomware Victim: vspsolutions[.]com[.]au SAMPLE-FREE 20GB - https://www.redpacketsecurity.com/stormous-ransomware-victim-vspsolutions-com-au-sample-free-20gb/

#stormous #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[INCRANSOM] - Ransomware Victim: Silergy Corp - https://www.redpacketsecurity.com/incransom-ransomware-victim-silergy-corp/

#incransom #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[DRAGONFORCE] - Ransomware Victim: Tricon Infotech - https://www.redpacketsecurity.com/dragonforce-ransomware-victim-tricon-infotech/

#dragonforce #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[QILIN] - Ransomware Victim: Mayer - https://www.redpacketsecurity.com/qilin-ransomware-victim-mayer/

#qilin #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[DRAGONFORCE] - Ransomware Victim: MicroMarketing - https://www.redpacketsecurity.com/dragonforce-ransomware-victim-micromarketing/

#dragonforce #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[QILIN] - Ransomware Victim: Domaine Des Tournels - https://www.redpacketsecurity.com/qilin-ransomware-victim-domaine-des-tournels/

#qilin #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[QILIN] - Ransomware Victim: Bluize - https://www.redpacketsecurity.com/qilin-ransomware-victim-bluize/

#qilin #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[QILIN] - Ransomware Victim: John G Yphantides A Professional Law - https://www.redpacketsecurity.com/qilin-ransomware-victim-john-g-yphantides-a-professional-law/

#qilin #dark_web #data_breach #OSINT #ransomware #threatintel #tor