Saturday, September 21, 2024

The 911 S5 Proxy Botnet

The 911 S5 Proxies-as-a-Service was a prolific proxy service that was utilizing botnets to offer a very good degree of anonymity for the act...

Profiling the Gaza Hackers Team

In the following post I'll profile the Gaza Hackers Team. Sample photos: Primary group's domains: hxxp://gaza-hacker.com hxxp://hack...

Exposing an Indian Police Spyware Cyber Operation

This analysis is based on this Wired.com story. Sample Gmail accounts known to have been involved in the campaign include: jagdish.meshraam...
Wednesday, September 18, 2024

Spamvertized Github Powershell Malicious Software Executing Campaign Spotted in the Wild

Dear blog readers, I've recently intercepted a currently circulating spamvertised campaign enticing users into interacting with a Powers...

An OSINT Profile of U.S Secret Service's Most Wanted Cybercriminal Danil Potekhin

In this analysis we’ll take a look at the Internet connected infrastructure of U.S Secret Service’s most wanted cybercriminal with a $10M re...

Dynamic DNS Service Providers for APT Command and Control (C&C) - An Analysis

Dear blog readers, The following is a compilation of dynamic DNS providers in specific ones used by APTs and various other targeted campaign...
Tuesday, September 17, 2024

The Intellexa Commercial Spyware Consortium, The Predator Spyware, NSO Group and Bulgaria's Circles Commercial Spyware Vendor

Dear blog readers, I've decided to continue my post on Bulgaria's Circles commercial spyware vendor which I profiled here in depth ...