St3C4nB5T25

NOTE: This is the 2nd time Twitter API suffered from information disclosure. The first time, 9,000,000+ users were scraped. This time, 221,000,000+ users were scraped. According to Threat Actors, the issue is now patched. https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e0927a7efc6e7951d978972c9e650b648389c9b2beca36c7cdf130f9468d16ae2ca137314883ec762 NOTE: This is the 2nd time Twitter API suffered from information disclosure. The first time, 9,000,000+ users were scraped. This time, 221,000,000+ users were scraped. According to Threat Actors, the issue is now patched.— vx-underground (@vxunderground) January 4, 2023 (https://twitter.com/vxunderground/status/1610707842381803521?ref_src=twsrc%5Etfw)

We are reporting out Microsoft Exchange servers still likely vulnerable to CVE-2022-41082 #ProxyNotShell. Nearly 70K IPs found without MS patches applied (based on version info). Previously recommended mitigation techniques can be bypassed by attackers https://t.co/ApcM9HwiOK pic.twitter.com/dGA0LvEAbG https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e2c37b3e5cdf5941f979062d5ad0cb15d2d9d9d77f2a46a7adb17069163d26ee0c7167a1d8f3bc5 We are reporting out Microsoft Exchange servers still likely vulnerable to CVE-2022-41082 #ProxyNotShell (https://twitter.com/hashtag/ProxyNotShell?src=hash&ref_src=twsrc%5Etfw). Nearly 70K IPs found without MS patches applied (based on version info). Previously recommended mitigation techniques can be bypassed by attackershttps://t.co/ApcM9HwiOK pic.twitter.com/dGA0LvEAbG (https://t.co/dGA0LvEAbG)— Shadowserver (@Shadowserver) December 26, 2022 (https://twitter.com/Shadowserver/status/1607439237615419400?ref_src=twsrc%5Etfw)

Found new #Android #malware that read all the sms and send to a server 👀A website sells account creations (Fb, Google..) it uses infected phones to make the registrations with auth sms 🥷🏻 N°1 in new sms app in Play Store in #India it has infected 100k+ people there 👾 pic.twitter.com/VH6DHWEG4y https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e3631b5f3c3edaa1b9d8f6ac2ad0cb15d2d9d9d77f2a7637add160b9265d26ae2c11b7f168e39cd Found new #Android (https://twitter.com/hashtag/Android?src=hash&ref_src=twsrc%5Etfw) #malware (https://twitter.com/hashtag/malware?src=hash&ref_src=twsrc%5Etfw) that read all the sms and send to a server 👀 A website sells account creations (Fb, Google..) it uses infected phones to make the registrations with auth sms 🥷🏻 N°1 in new sms app in Play Store in #India (https://twitter.com/hashtag/India?src=hash&ref_src=twsrc%5Etfw) it has infected 100k+ people there 👾 pic.twitter.com/VH6DHWEG4y (https://t.co/VH6DHWEG4y)— Maxime Ingrao (@IngraoMaxime) November 28, 2022 (https://twitter.com/IngraoMaxime/status/1597224157233942528?ref_src=twsrc%5Etfw)

On November 21st #ESETResearch detected and alerted @_CERT_UA of a wave of ransomware we named #RansomBoggs, deployed in multiple organizations in Ukraine🇺🇦. While the malware written in .NET is new, its deployment is similar to previous attacks attributed to #Sandworm. 1/9 pic.twitter.com/WyxzCZSz84 https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e3a0c97d5d0e7941f849464cfad0cb15d2d9d9d77f2a7637bde1c0e9a62d06ee7c1157d148833c3 On November 21st #ESETResearch (https://twitter.com/hashtag/ESETResearch?src=hash&ref_src=twsrc%5Etfw) detected and alerted @_CERT_UA (https://twitter.com/_CERT_UA?ref_src=twsrc%5Etfw) of a wave of ransomware we named #RansomBoggs (https://twitter.com/hashtag/RansomBoggs?src=hash&ref_src=twsrc%5Etfw), deployed in multiple organizations in Ukraine🇺🇦. While the malware written in .NET is new, its deployment is similar to previous attacks attributed to #Sandworm (https://twitter.com/hashtag/Sandworm?src=hash&ref_src=twsrc%5Etfw). 1/9 pic.twitter.com/WyxzCZSz84 (https://t.co/WyxzCZSz84)— ESET research (@ESETresearch) November 25, 2022 (https://twitter.com/ESETresearch/status/1596181925663760386?ref_src=twsrc%5Etfw)

DOCGuard found a #qakbot HTA sample that bypassed nearly all the AV and sandbox vendors in @virustotal.HTA => Password Protected ZIP => IMG => JS and a hidden DLL and txt file contains part of "regsvr32.exe" string ==> Regsvr32.exe@malwrhunterteam https://t.co/r1qTP1l4Br pic.twitter.com/d7xUOMOJsa https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e1b30b1dec5f7860881c974d3e30bb04f76d9db61f0a4687dd9160c9a63d16be5c3137910 DOCGuard found a #qakbot (https://twitter.com/hashtag/qakbot?src=hash&ref_src=twsrc%5Etfw) HTA sample that bypassed nearly all the AV and sandbox vendors in @virustotal (https://twitter.com/virustotal?ref_src=twsrc%5Etfw). HTA => Password Protected ZIP => IMG => JS and a hidden DLL and txt file contains part of "regsvr32.exe" string ==> Regsvr32.exe@malwrhunterteam (https://twitter.com/malwrhunterteam?ref_src=twsrc%5Etfw)https://t.co/r1qTP1l4Br pic.twitter.com/d7xUOMOJsa (https://t.co/d7xUOMOJsa)— DOCGuard - Detect Maldocs in Seconds! (@doc_guard) November 18, 2022 (https://twitter.com/doc_guard/status/1593620623934341124?ref_src=twsrc%5Etfw)

Top passwords used in RDP brute-force attacks by @helpnetsecurity https://t.co/EBlKhs348h https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e2c2be1c296eca54f91d43288f10ba4482c9bc169f6ab697cdb150b9665d169e2c0137a15883d Top passwords used in RDP brute-force attacks by @helpnetsecurity (https://twitter.com/helpnetsecurity?ref_src=twsrc%5Etfw)https://t.co/EBlKhs348h— St3C4nB5T25 (@St3C4nB5t25) November 17, 2022 (https://twitter.com/St3C4nB5t25/status/1593141455413211136?ref_src=twsrc%5Etfw)

APT Groups Map from Microsoft Digital Defense Report 2022. https://t.co/ALzpcoa14z pic.twitter.com/1uo7xPA5tM https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e1d33b3e2c9ed95188c946388f10ba4482c9bc169f6aa627adc15079063d66ce5c61773138e3f APT Groups Map from Microsoft Digital Defense Report 2022.https://t.co/ALzpcoa14z pic.twitter.com/1uo7xPA5tM (https://t.co/1uo7xPA5tM)— blackorbird (@blackorbird) November 5, 2022 (https://twitter.com/blackorbird/status/1588731833344458754?ref_src=twsrc%5Etfw)

Mark Sokolovsky, a Ukrainian and the alleged author of Raccoon Stealer, was arrested in the Netherlands in March, 2022 with the accidental help of his girlfriendThey fled Ukraine together. She documented everything on InstagramShe posted this photo 2 days prior to his arrest pic.twitter.com/Oa5bWZM5vV https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e0927a7efc6e7951d978972c9e650b648389c9b2beca36f75d8170f9766d069e5c0147817893dc260 Mark Sokolovsky, a Ukrainian and the alleged author of Raccoon Stealer, was arrested in the Netherlands in March, 2022 with the accidental help of his girlfriend They fled Ukraine together. She documented everything on Instagram She posted this photo 2 days prior to his arrest pic.twitter.com/Oa5bWZM5vV (https://t.co/Oa5bWZM5vV)— vx-underground (@vxunderground) November 1, 2022 (https://twitter.com/vxunderground/status/1587304651426332673?ref_src=twsrc%5Etfw)

🇲🇽 Distribuyen 72,853 archivos de la Secretaría de Finanzas del Gobierno de la Ciudad de MéxicoSon 6 GB de información robada¿Otro sistema Zimbra? pic.twitter.com/rZCfbixseW https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e1736a0e0cfe1881595c974d3e30bb04f76d9db60f4a0697fdf15099269d26fe2c6167b11 🇲🇽 Distribuyen 72,853 archivos de la Secretaría de Finanzas del Gobierno de la Ciudad de México Son 6 GB de información robada ¿Otro sistema Zimbra? pic.twitter.com/rZCfbixseW (https://t.co/rZCfbixseW)— Hiram Alejandro (@hiramcoop) October 31, 2022 (https://twitter.com/hiramcoop/status/1587232016197734405?ref_src=twsrc%5Etfw)

To whomever it concerns: I am NOT in any ways affiliated with Azov (or any other #ransomware). It’s a common practice among cyber criminals to try to frame security researchers. pic.twitter.com/zvlwWvroaD https://rss.app/articles/cb4e791f6f6d729c074351566bd3a7c508111d6e173ea1e9c7f0820084826288f10ba4482c9bc169f6aa6c7bd91d069561d56be7c2167d17883c To whomever it concerns: I am NOT in any ways affiliated with Azov (or any other #ransomware (https://twitter.com/hashtag/ransomware?src=hash&ref_src=twsrc%5Etfw)). It’s a common practice among cyber criminals to try to frame security researchers. pic.twitter.com/zvlwWvroaD (https://t.co/zvlwWvroaD)— hasherezade (@hasherezade) October 30, 2022 (https://twitter.com/hasherezade/status/1586669961036046337?ref_src=twsrc%5Etfw)