Kafeine
Sleep is a symptom of caffeine deprivation.
1,205 Tweets | 518 Following | 15,581 Followers
Tweets
Kafeine retweeted
Matthew Mesa 9h
hxxps://goo[.]gl/1GEcjp -> -> CVE-2017-11882 -> mshta -> Powershell -> DLL -> Drops msxsl.exe and runs Jscript Backdoor (more_eggs) with it. Likely Cobalt group/gang. Similar Jscript payload described here:
Kafeine Nov 20
Could you follow for DM please ?
Kafeine retweeted
Justin Nov 14
Investigating Command and Control Infrastructure (Emotet) | MalwareTech via
Kafeine Nov 1
The Kovter Saga or KovCoreG a 5 year activity retrospective thx
Kafeine retweeted
Denis O'Brien Oct 30
No better time to release the beast. Happy Halloween coming all😈!
Kafeine retweeted
tildedennis Oct 25
Kafeine Oct 19
Replying to @wesdrone @darienhuss
This graph contains part of the answer maybe (cf )
Kafeine Oct 19
DealersChoice (a Sofacy/APT28's exploit platform) += CVE-2017-11292
Kafeine Oct 18
Those are screenshots of my instance of (List of events with filter on Cerber tag, and partial view of one of those events)
Kafeine Oct 17
Goodbye Cerber Ransomware ? Last known (to me) infection vector (Magnitude) for Cerber switched ( to "Magniber" )
Kafeine Oct 16
Ransomware spread by Magnitude. Hosted behind same infra. KOR focused for now (cc/thx )
Kafeine retweeted
Costin Raiu Oct 16
Blog: APT and new targeted attacks leveraging zero-day exploit (CVE-2017-11292)
Kafeine retweeted
Clara Jeffery Oct 13
Periodic reminder that when you put Outbrain or Taboola on your site you endorse: Fake news sexism ageism racist dumbfuckery
Kafeine Oct 6
A look at a full "KovCoreG" malvertising chain into SocEng into Kovter cc/thx
Kafeine Sep 27
Country code in 3 letters (ISO 3166-1 alpha-3): Spain and Italia. No compromise in what I saw. Malvertising (ad-agency abused)
Kafeine Sep 25
c9d8ad1f4db6b3fce33afb428fa7d0e4cafd3cdcfa210fad1f8478f78244a3f7 and later: d6be465ef5917ec11e7d0323c65b56a3b3de9587d7a6e180d01572a5c7c05f19
Kafeine Sep 22
Whaaat ?! GrandSoft Exploit Kit used to spread zloader in ESP/ITA with CVE-2016-0189. cc/tx
Kafeine retweeted
Jakub Kroustek Sep 20
Kafeine retweeted
Craig Williams Sep 20
APT supply chain attack to compromise 700k+ machines targeting 20 specific tech companies
Kafeine retweeted
Avast Software Sep 18
An Update to the 5.33.1612 Security Incident ➤