#pikabot


Today we celebrate a major cybersecurity victory. 👏 Operation Endgame, a global law enforcement effort supported by insights from experts at Proofpoint and other industry vendors, resulted in:

• The disruption of major botnets
• Four arrests
• Over 100 servers taken down across 10 countries
• Over 2,000 domains brought under the control of law enforcement
• Illegal assets frozen

Proofpoint’s mission is to provide the best human-centric protection for our customers against advanced threats. Whenever possible and appropriate to do so, Proofpoint uses its team’s knowledge and skills to help protect a wider audience against widespread malware threats.

For #OperationEndgame, Proofpoint threat researchers lent their expertise in reverse engineering malware, botnet infrastructure, and identifying patterns in how the threat actors set up their servers to help authorities understand the malware and safely remediate the bot clients.

Proofpoint’s unmatched threat telemetry and researcher knowledge played a crucial role in the operation, providing key insights in identifying the new botnets that are most likely to grow and become the dominant threats affecting the most number of people around the world.

More information on the takedown and Proofpoint’s involvement can be found in our blog: proofpoint.com/us/blog/threat-.

Proofpoint · Operation Endgame - Global Law Enforcement Malware Takedown | Proofpoint US
Operation Endgame was a widespread effort to disrupt malware and botnet operations. Learn how global law enforcement collaborated with Proofpoint to succeed.

🚨#IcedID, #Smokeloader, #SystemBC, #Pikabot and #Bumblebee botnets have been disrupted by Operation Endgame!! This is the largest operation EVER against botnets involved with ransomware, with gargantuan thanks to a coordinated effort led by international agencies 👏👏

As with the #Qakbot and #Emotet takedowns, Spamhaus are again providing remediation support - those affected will be contacted from today with steps to take.

👉 For more information, read our write-up here: spamhaus.org/resource-hub/malw

The Spamhaus Project · Malware | Operation Endgame | Botnets disrupted after international action | Resources

Zscaler identified Pikabot malware loader's string obfuscation algorithm. They describe the algorithm and their approach to decrypt the binary strings using IDA's microcode. They developed an IDA plugin to automatically decrypt Pikabot's obfuscated strings and released the source code. IOC provided. 🔗 zscaler.com/blogs/security-res

www.zscaler.com · Automating Pikabot’s String Deobfuscation
ThreatLabz created an IDA plugin to automate the deobfuscation of Pikabot’s strings.

🚨 New malware alert! Pikabot, first identified in February 2023, is a sophisticated piece of malware that evades detection and analysis thanks to its advanced stealth techniques. 🕵️‍♂️ Distributed mainly via malspam and malvertising campaigns, it avoids systems linked to Russia and may have ties to the Matanbuchus malware. 📧 Beware of booby-trapped emails and fake advertisements, as Pikabot is associated with cyberattacks and the Black Basta ransomware. #CyberSécurité #Malware #Pikabot
lemagit.fr/conseil/Maliciel-a-

LeMagIT · Malware: discovering Pikabot | LeMagIT
Appearing in early 2023, Pikabot is a piece of malware associated with the Conti nebula, and in particular with Black Basta. Its distribution methods have varied over time, from malvertising to “malspam”.

From a post I authored for my employer at linkedin.com/posts/unit42_ta57 and twitter.com/Unit42_Intel/statu

2023-11-02 (Thursday) - Like many others, we've also seen #TA577 #Pikabot activity throughout this week. We collected indicators of compromise (IOCs) from a 10 hour infection run. List of IOCs available at github.com/PaloAltoNetworks/Un

A #pcap of the 10 hour Pikabot infection run, associated malware samples, and copies of the exported registry updates are available at malware-traffic-analysis.net/2

Post I wrote for my employer at twitter.com/Unit42_Intel/statu and linkedin.com/posts/unit42_ta57

2023-10-17 (Tuesday): #TA577 #Pikabot infection with HTTPS #CobaltStrike traffic on 45.155.249[.]171:443 using ponturded[.]com.

Thanks to the @cryptolaemus1 group for their initial post on today's Pikabot activity! IOCs from our infection run available at github.com/PaloAltoNetworks/Un

#pcap of the infection traffic, along with the associated malware and artifacts are available at malware-traffic-analysis.net/2

Tweet I wrote for my employer at the bird site: twitter.com/Unit42_Intel/statu

2023-05-17 (Wednesday): Today, this week's BB28 #Qakbot-style distribution chain pushed #Pikabot instead of Qakbot. Followed up with #CobaltStrike using #DNSTunneling. We later saw additional Cobalt Strike traffic over HTTPS. List of IOCs available at github.com/pan-unit42/tweets/b

A carved #pcap of the infection traffic (removed everything not related to the #Pikabot & #CobaltStrike) and the associated malware/registry updates available at malware-traffic-analysis.net/2