Targeted attack on industrial enterprises and public institutions

Event ID 1520, UUID 28219fd4-56f3-470c-90ae-bdaeb006502e. Creator org: ICS-CSIRT.io. Owner org: LUNCHBOX. Creator user: admin@admin.test. Protected event (experimental): unprotected mode. Tags: tlp:white, dhs-ciip-sectors:DHS-critical-sectors="government-facilities". Date: 2022-08-12. Threat level: High. Analysis: Completed. Distribution: All communities. Published: Yes, 2022-08-17 17:21:11. Attributes: 190 (0 objects). First recorded change: 2022-08-12 22:46:15. Last change: 2022-08-12 23:27:40. Sightings: 0 (0) … Read more

OSINT – Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine

Event ID 1250, UUID 3410ad13-ef34-48c9-bc6f-b1b111a30e06. Creator org: CIRCL. Owner org: (none listed). Creator user: admin@admin.test. Protected event (experimental): unprotected mode. Tags: type:OSINT, osint:lifetime="perpetual", tlp:white. Date: 2022-06-23. Threat level: Medium. Analysis: Completed. Distribution: All communities. Published: Yes, 2022-08-17 17:18:47. Attributes: 101 (10 objects). First recorded change: 2022-06-23 13:08:58. Last change: 2022-06-23 13:24:07. Sightings: 0 (0) – restricted … Read more

AirDrive Forensic Keylogger

Ultra-compact and discreet Wi-Fi hardware keylogger. Forensic Keylogger Keyboard Wi-Fi – USB keyboard with integrated hardware keylogger, Wi-Fi and 16MB flash. The Forensic Keylogger Keyboard Wi-Fi is a keystroke-recording keyboard with an integrated hardware keylogger. The embedded hardware keylogger derives from the AirDrive Forensic family, acting as a Wi-Fi … Read more

Fun Honeypots to Set Up and See What Current Exploit Trends Are There

Glastopf is a web application honeypot. It emulates often-exploited web vulnerabilities, such as remote and local file inclusion and SQL injection. Glastopf examines the attacker’s HTTP request and attempts to respond according to expectations to, for instance, download malicious files. Dionaea is a honeypot for collecting malware. It emulates vulnerabilities in Windows services often targeted by malware, such … Read more

Examination of a “Drive-by-Download”: Many Security Professionals Get This Wrong – It’s a Type of Social Engineering

https://amzn.to/3n0lcqx Basic definition: Drive-by downloads are a type of social engineering that happens when you visit a website and are prompted for a download you did not initiate, when you view an e-mail message in software that allows JavaScript to run, or when you click a deceptive pop-up window that prompts you to install the latest version of Flash … Read more