اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
Source Byte
رفتن به کانال در Telegram
هشیار کسی باید کز عشق بپرهیزد وین طبع که من دارم با عقل نیامیزد Saadi Shirazi 187
نمایش بیشتر7 843
مشترکین
اطلاعاتی وجود ندارد24 ساعت
+367 روز
+18430 روز
آرشیو پست ها
7 844
We should not be happy by every r ocket we fire
and we should not be sad by every r ocket hit us
Iran fight 8 years in this period Iran done around 25 large operations but only 30-40 % of them succeeded , at the end we won because saddam did not take our lands
This gonna be long war .... stay ahead and be patient
7 844
may be useful
might be related to bank melli current breach 🤷🏻♂️
Fact or lie? A superficial review of the latest attack on the National Bank server
( mail[.]sadad[.]co[.]ir , mail[.]bmi[.]ir , mail[.]mail2[.]bmi[.]ir )
https://web.archive.org/web/20221103094525/https://aptiran.github.io/CENTER/
7 844
Repost from ARVIN
And now the developer identity is revealed.
https://by.linkedin.com/in/hady-asmar-414489136
7 844
Repost from ARVIN
i found this stealer developer
This individual executed the stealer on their own device for testing purposes. Here, we are sharing the logs from the developer system.
7 844
ArvinClub has been active for a while
https://t.me/arvinclub3
They done cool things
Such as finding BlackReward onion website IP
DDOS on mojahedin khalq
And also not cool things like ransom companies 👀
7 844
you were right
i can't believe this
same scenario as snappfood !!!!!!!
again stealc WTF !!!!!!!!!!!
7 844
Nobitex Breach: Infostealers Expose Critical Employee Credentials in Latest Crypto Exchange Hack
https://www.infostealers.com/article/nobitex-breach-infostealers-expose-critical-employee-credentials-in-latest-crypto-exchange-hack/
7 844
According to Israeli sources (who obtained a copy of the AFTA report on the recent Sepah Bank attack by Indra):
[00] The attacker gained access through an old Windows Server 2003 machine used for email services. This server was running MDaemon.
Note: The source stated that the specific mail server was server[.]ictops[.]ir, but we found no public records of this domain. It is likely a local/internal domain used by the bank, which reduces the likelihood that this server was the initial entry point in this attack.
[01] The attacker moved Lateral to other servers (no evidence on how this was done).
[02] They reached the targeted server and deployed their C2 (NjRat) via a PowerShell script.
Note : The C2 server was hosted in Canada.
that's all we know :(
i created a chart for better understanding
wish it helps
PDF version :
7 844
Untill now We shared :
[ 00 ] Attack Against Iran’s State Broadcaster (done by Ghyam Sarnegouni TA )
[ 01 ] Indra (گنجشگ درنده) samples related to attacks on Iran Railway Company & some Companies on syria ( related to I.R.G.C )
find them on Samples Topic on Group
Plz share us your IoCs related to current attacks against Iran it will help everyone prepping for Threat Actors as currently we don't have any global CTI
7 844
1FuckiRGCTerroristsNoBiTEXXXaAovLX
DFuckiRGCTerrroristsNoBiTEXXXWLW65t
TKFuckiRGCTerroristsNoBiTEXy2r7mNX
