Josh
@xorJosh
RT @EncapsulateJ: Fake Zoom updates lead to rogue RMM installation and hands on threat actor activity
RT @CyberRaiju: I frequently get asked is "what skills do I need to excel as an analyst", so I figure this is a good opportunity to sh…
RT @0xffaraday: @HuntressLabs SOC is seeing a newly suspected KoiLoader/KoiStealer attack chain. Details below:
RT @HuntressLabs: ⚠️ Remote Support Software “SimpleHelp” is vulnerable to multiple CVEs that can be leveraged for full compromise. ⚠️ Pat…
RT @0xffaraday: @HuntressLabs SOC is seeing further malicious activity from SimpleHelp RMM. Please update your SimpleHelp instance to its l…
RT @CyberRaiju: This is really big at the moment and you should absolutely be looking at your M365 logs to identify this activity. https:/…
RT @Limitlezz_Dream: We observed an interesting case via the process insights detections. These happen to be one of my favorite things to r…
@birchb0y has a really amazing blog on similar activity he previously looked into:
⚠️ Developers, please be careful when installing Homebrew. Google is serving sponsored links to a Homebrew site clone that has a cURL command to malware. The URL for this site is one letter different than the official site.
RT @CyberRaiju: 👀 A threat actor has cloned the California Freights website, modified it, is gathering information, and trying to make it f…
RT @nosecurething: New @huntress blog where @birchb0y @Laughing_Mantis and I tell the story of 🕵️and 🤜 ➡️🗑️ some cyber espionage activity i…
RT @birchb0y: reminder to say happy new years to the russian espionage groups in ur network 🥰🇷🇺 @nosecurething (🐐), @Laughing_Mantis (🐐),…
RT @patrickwardle: Interested in all the new macOS malware of 2024!? 🍎🐛 I've started my annual "The Mac Malware of <Insert Year>" report.…
RT @pe4Chscreeching: 🔍 Recent IoC from a BianLian Investigation @HuntressLabs Scheduled task, 'SystemsUpdate', had been created containing…