Lucene search

13 matches found

HackRead
added 2026/04/02 2:7 p.m., 5 views

Yurei Ransomware Uses Common Tools, Adds Stranger Things References

Team Cymru details the Yurei ransomware campaign, using standard tools and a few Stranger Things–named payloads to breach and encrypt systems...

AI score: 5.9
Exploits: 0

The Hacker News
added 2024/11/06 10:13 a.m., 14 views

INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime

INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure...

AI score: 6.9
Exploits: 0

Kitploit
added 2024/05/25 12:30 p.m., 63 views

JA4+ - Suite Of Network Fingerprinting Standards

JA4+ is a suite of network fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session...

AI score: 7
Exploits: 0, References: 17

The Hacker News
added 2023/08/08 2:15 p.m., 22 views

QakBot Malware Operators Expand C2 Network with 15 New Servers

The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware's infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed tha...

AI score: 6.7
Exploits: 0

The Hacker News
added 2023/07/28 1:10 p.m., 27 views

IcedID Malware Adapts and Expands Threat with Updated BackConnect Module

The threat actors linked to the malware loader known as IcedID have made updates to the BackConnect (BC) module that's used for post-compromise activity on hacked systems, new findings from Team Cymru reveal. IcedID, also called BokBot, is a strain of malware similar to Emotet and QakBot that start...

AI score: 7
Exploits: 0

Akamai Blog
added 2017/08/28 1:5 p.m., 62 views

The WireX Botnet: An example of cross-organizational cooperation

Introduction: On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protocol. The WireX botnet comprises...

AI score: 7.2
Exploits: 0

ThreatPost
added 2014/03/03 4:32 p.m., 15 views

DNS SOHO Router Pharming Attack Takes 300,000 Routers

More than 300,000 small office and home office routers, most in Europe and Asia, were compromised in a campaign that started in mid-December, continuing a rash of security incidents involving home and small business networking equipment. Researchers at Team Cymru published a report today on the...

AI score: 0.6
Exploits: 0, References: 2

Kitploit
added 2013/09/17 2:6 a.m., 33 views

[OS X Auditor] free Mac OS X computer forensics tool

OS X Auditor parses and hashes the following artifacts on the running system or a copy of a system you want to analyze: the kernel extensions, the system agents and daemons, the third party's agents and daemons, the old and deprecated system and third party's startup items, the users' agents, the user...

AI score: 6.7
Exploits: 0, References: 1

OpenVAS
added 2013/02/28 12:0 a.m., 17 views

Nmap NSE 6.01: asn-query

Maps IP addresses to autonomous system (AS) numbers. The script works by sending DNS TXT queries to a DNS server which in turn queries a third-party service provided by Team Cymru (team-cymru.org) using an in-addr.arpa style zone set up especially for use by Nmap. The responses to these queries conta...

AI score: 7.2
Exploits: 0

OpenVAS
added 2011/06/01 12:0 a.m., 12 views

Nmap NSE net: asn-query

Maps IP addresses to autonomous system (AS) numbers. The script works by sending DNS TXT queries to a DNS server which in turn queries a third-party service provided by Team Cymru (team-cymru.org) using an in-addr.arpa style zone set up especially for use by Nmap. The responses to these queries conta...

AI score: 7.2
Exploits: 0

ThreatPost
added 2011/01/20 6:35 p.m., 9 views

PandaLabs Uncovers the Cyber-Crime Black Market

Inventory is growing and prices are dropping on the cyber crime black market, according to a new report from security firm Panda Labs. Stolen banking credentials, malicious programs and stolen credit cards are all for sale online in what Panda experts say is a flourishing criminal black market...

AI score: 1.3
Exploits: 0, References: 2

ThreatPost
added 2009/12/08 2:15 p.m., 10 views

The Malware Oscars Part 2

In part two of this three-part series, Team Cymru members discuss more of the most successful and innovative malware attacks of 2009...

AI score: 3.1
Exploits: 0

Nmap
added 2008/11/06 2:52 a.m., 255 views

asn-query NSE Script

Maps IP addresses to autonomous system (AS) numbers. The script works by sending DNS TXT queries to a DNS server which in turn queries a third-party service provided by Team Cymru using an in-addr.arpa style zone set up especially for use by Nmap. The responses to these queries contain both Origin...

CVSS: 10, AI score: 9.4, EPSS: 0.99448
Exploits: 33