mimisec.bsky.social
Ol' USAF Cyber. Ima say it. Own views. I learned I don't know anything. He/Him. Just the plumber.
15 posts 60 followers 317 following
Prolific Poster

Credit: AlvieriD Bluebox Ransomware DLS zu3wfrmrkl4ltqqnpt3owp3cwa33rqwod4gpe3ttb5o4vf2is2gzm6qd[.]onion

Socgolish Domain: *.material[.]amstillroofing[.]com

"We can now share that our latest investigation also found links between some of Doppelganger’s activities and individuals associated with MGIMO (Moscow State Institute of International Relations)." via Meta/PDF: scontent.fotp7-2.fna.fbcdn.net/v/t39.8562-6...

Research_Reports.zip 6a15b145267baf3c492af4a9e8ee4f244ee5070f9a02e5516c12d78bcd60e4ff interesting, using a domain name that isn't registered ... perhaps a typo? #apt #bitter

decoy on Security_Alert-US_MISSION_TO_PAKISTAN.pdf.lnk, beat by yogesh across the river by 31 minutes 😐 c2 vorm.vormliebe[.]club d60e979ee44c9dc16e36657ec3a41016627cc685965befed018058986dd5d45e

More great examples why you need to give employees a trusted PDF tool pdfskillspro[.]com pdskillsapp[.]com Literally uploads files to their servers while saying they don't.

FunkSec Ransomware DLS 7ixfdvqb4eaju5lzj4gg76kwlrxg4ugqpuog5oqkkmgfyn33h527oyyd[.]onion

I try to write technical blogs regularly on topics I’m interested in. Recently this has been a lot of reverse engineering, Bluetooth, and networking hacks. But there’s many other goodies too! As I’m invested in this aspect of bsky succeeding, here’s a thread of my posts. Comments encouraged!

Initial Access Detection Opportunities 🖥️ Quickassist detection: x.com/mthcht/statu... ✉️High volume of external emails sent to a single recipient 💬Teams interaction with a foreign tenant x.com/mthcht/statu... x.com/hir3n_s/stat... filter on usernames with IT,Help,Desk,support,Tech,Customer,Microsoft

RomCom/Storm-0978 exploits Firefox and Windows zero days in the wild Firefox 0day CVE-2024-9680 + Windows privilege escalation 0day CVE‑2024‑49039 welivesecurity.com/en/eset-rese...

GET /php/ztp_gate.php/.js.map HTTP/1.1 Host: {{Hostname}} X-PAN-AUTHCHECK: off GTFO! Come on, they are laughing at us now. labs.watchtowr.com/pots-and-pan...

New Helldown ransomware targets Windows and Linux systems, uses Zyxel firewall exploits for initial access blog.sekoia.io/helldown-ran...

medium.com/@traclabs_/a...

🚨🇺🇸Sealevel Construction Inc Has Been Claimed a Victim to RansomHub Ransomware darkwebinformer.com/sealevel-con...

The certificate on this malware caught my eye. 👀 Starts with Google Ad, malware signed by Microsoft, and ends in support scam. It checks if Quickbooks is running, checks the day of week, tells you to call a "support" number before killing Quickbooks. www.malwarebytes.com/blog/scams/2...

You all know what to do

if plugx is your game, open dir with live payloads 103.43.18[.]71:88 #apt #malware files archived here for homegamers github.com/StrikeReady-...

#sidewinder #apt targeting Singapore with "sg customs" lure c2 advisories-sgcustoms.d0cumentview[.]info 40159fcfe9793a8a13111131e31f10eb1652343f6b9d172e2cadc821bc5f28fd (uploaded from SG) NO-712024.docx

Smokeloader keeps crawling its way back into the limelight. If you want a primer on it, I gave a public talk on it 2 years ago www.youtube.com/watch?v=O69e...

Using EclecticIQ’s analysis, I uncovered 39 additional domains linked to Chinese #ThreatActor #SilkSpecter, impersonating brands like IKEA, The North Face, Zalando and Zara. Key IOCs: trusttollsvg.js collect.js #ThreatIntel #OSINT #Scam #BlackFriday #Phishing blog.eclecticiq.com/inside-intel...

🚨New Ransomware Group, "Termite," has named their first 5 victims termiteuslbumdge2zmfmfcsrvmvsfe4gvyudc5j6cdnisnhtftvokid[.]onion

May 13, 2024 blog post. It is common for malware to be signed with code signing certificates. How is this possible? Impostors receive the cert directly and sign malware. In this blog post, we look at 100 certs used by #Solarmarker #malware to learn more. squiblydoo.blog/2024/05/13/i...

Said it once I'll say it again, UFO 50 and Animal Well are masterpieces worth every minute.

Man, mass purging tweets is kind of a pain in the butt, huh, lol.

🚨Breachachu Has Allegedly Leaked the Source Code to Emirates Phishing Kit Archive darkwebinformer.com/breachachu-h...

Beyond good ol’ Run key, Part 144 www.hexacorn.com/blog/2024/11...

Ransomlook is a neat lil site also ransomlive kinda wonder if there are some other similar ones

Still gotta play that horror golf game. Such a jarring combination of genres.

Tricking the algorithm into thinking I'm a narcissist by liking all my own posts.

In case you were ever wondering how to load an unsigned driver into Windows :) www.themalwareman.com/Loading-An-U...

🚨I can't get it to load, but this is a new Ransomware group called: SAFEPAY http://nj5qix45sxnl4h4og6hcgwengg2oqloj3c2rhc6dpwiofx3jbivcs6qd[.]onion/

Looks like someone went ahead and made it... a "Tweetdeck" for Bluesky. https://deck.blue/

Holy shit

🧵Today’s blogpost focuses on a newer ransomware variant named SafePay. Needless to say, ransomware sucks. When this new variant appeared, it gained our attention. 👀 Let’s dig into what happened and what makes it tick ⬇️:

Really can't recommend tinkering with these tools enough. You'll find all sorts of goodies. Very useful for pivoting and finding related infrastructure. Pretty useful for programmatic alerting as well. Shodan Censys FOFA Validin UrlScan

github.com/blackorbird/...

#Latrodectus campaign from today gist.github.com/myrtus0x0/cd.... If anything comes of it, I'll put in thread

Just gonna reiterate I'll be the first to admit I don't know much, but if anyone ever needs any help in learning infosec type stuff, I'm all for lending a hand 😀 (also if i don't know the immediate answer, I'll learn right along with you.)