CISA released 18 new advisories detailing security issues and vulnerabilities in various Industrial Control Systems.
-
IOCs: (None identified)
-
#ICS #ThreatIntel #Vulnerability
Learn to use Time Travel Debugging (TTD) to analyze obfuscated .NET malware and extract an AgentTesla payload.
-
IOCs: 4dfe67a8f1751ce0c29f7f44295e6028ad83bb8b3a7e85f84d6e251a0d7e3076
-
#MalwareAnalysis #TTD #ThreatIntel
CISA and partners updated the Akira ransomware advisory with new TTPs, including the use of POORTRY and STONETOP malware.
-
IOCs: POORTRY, STONETOP, SystemBC
-
#Akira #Ransomware #ThreatIntel
Q3 2025 saw record ransomware group fragmentation, with Qilin leading attacks and LockBit re-emerging with version 5.0.
-
IOCs: (None identified)
-
#LockBit #Qilin #Ransomware #ThreatIntel
Lumma Stealer malware has resurged, adding browser fingerprinting to its C2 tactics for improved evasion and targeting.
-
IOCs: pabuloa[.]asia, jamelik[.]asia
-
#InfoStealer #LummaStealer #ThreatIntel
Microsoft's November Patch Tuesday addresses 63 vulnerabilities, including 4 critical and one actively exploited Windows Kernel flaw (CVE-2025-62215).
-
IOCs: CVE-2025-62215
-
#CVE202562215 #Microsoft #PatchTuesday #ThreatIntel
The Socket team will be at Black Hat Europe and BSides London in December to discuss software supply chain security.
-
IOCs: (None identified)
-
#BSides #BlackHat #SupplyChain #ThreatIntel
CISA released guidance for Emergency Directive 25-03, mandating immediate patching for critical Cisco ASA & Firepower vulnerabilities.
-
IOCs: CVE-2025-20333, CVE-2025-20362
-
#CVE202520333 #Cisco #ThreatIntel
CISA adds three new actively exploited vulnerabilities to its KEV catalog affecting WatchGuard, Gladinet, and Microsoft products.
-
IOCs: CVE-2025-9242, CVE-2025-12480, CVE-2025-62215
-
#CISA #KEV #PatchNow #ThreatIntel
Legacy DLP solutions are insufficient for modern cloud environments, failing to track complex data movement and insider risks.
-
IOCs: (None identified)
-
#CloudSecurity #DLP #DataSecurity #ThreatIntel
The OWASP Top 10 2025 adds 'Software Supply Chain Failures' as a new category, now ranked the #1 community concern.
-
IOCs: (None identified)
-
#AppSec #OWASP #SupplyChain #ThreatIntel
IBM and Trend Micro are co-creating an AI-driven security solution for real-time risk and compliance on IBM Z and LinuxONE mainframes.
-
IOCs: (None identified)
-
#AI #IBM #Mainframe #ThreatIntel
Microsoft reports progress on its Secure Future Initiative (SFI), highlighting improved MFA adoption, secure-by-default principles, and AI-driven security.
-
IOCs: (None identified)
-
#Cybersecurity #Microsoft #SFI #ThreatIntel
Attackers are exploiting rare, unmonitored RPC functions for authentication coercion to bypass defenses and compromise domains.
-
IOCs: (None identified)
-
#AuthenticationCoercion #RPC #ThreatIntel #Windows
Threat actor UNC6485 is exploiting Triofox vulnerability CVE-2025-12480 to gain unauthenticated remote code execution.
-
IOCs: 85[.]239[.]63[.]37, 84[.]200[.]80[.]252, 216[.]107[.]136[.]46
-
#CVE202512480 #ThreatIntel #Triofox
CISA warns of active exploitation of CVE-2025-21042, an out-of-bounds write vulnerability in Samsung mobile devices.
-
IOCs: CVE-2025-21042
-
#CVE202521042 #Samsung #ThreatIntel
Nine malicious NuGet packages found with time-delayed payloads that terminate processes and sabotage industrial control systems (ICS).
-
IOCs: Sharp7Extend, shanhai666
-
#ICS #Malware #NuGet #ThreatIntel
New EU regulations NIS2 and DORA mandate a risk-based approach to cybersecurity for critical infrastructure, increasing board-level accountability.
-
IOCs: (None identified)
-
#DORA #NIS2 #Regulation #ThreatIntel
New IDC research shows organizations are increasingly investing in unified CNAPP solutions to combat rising cloud security incidents and tool sprawl.
-
IOCs: (None identified)
-
#CNAPP #CloudSecurity #ThreatIntel
A new side-channel attack can infer topics of encrypted LLM conversations by analyzing network traffic packet sizes and timing.
-
IOCs: (None identified)
-
#AI #Privacy #SideChannel #ThreatIntel
New LANDFALL spyware exploits Samsung 0-day CVE-2025-21042 via malicious DNG images, likely delivered through WhatsApp.
-
IOCs: 194[.]76[.]224[.]127, 91[.]132[.]92[.]35, 92[.]243[.]65[.]240
-
#Android #CVE202521042 #Spyware #ThreatIntel
AI is accelerating attacks on developer environments, forcing security to shift focus from production code to the point of install.
-
IOCs: (None identified)
-
#AI #DevSecOps #ThreatIntel
New research reveals a massive surge in IoT and mobile malware attacks targeting government, healthcare, and education sectors.
-
IOCs: (None identified)
-
#IoT #Malware #PublicSector #ThreatIntel
CISA released four new advisories for Advantech, Ubia, ABB, and Hitachi Energy ICS products.
-
IOCs: (None identified)
-
#CISA #ICS #ThreatIntel
Threat actors compromise hotels with PureRAT malware to steal Booking.com credentials, then phish guests for fraudulent payments.
-
IOCs: 85[.]208[.]84[.]94, 77[.]83[.]207[.]106, sqwqwasresbkng[.]com
-
#Malware #Phishing #PureRAT #ThreatIntel