Research
C2
Malware
Chinese Malware Delivery Domains Part II: Data Collection
This report dives deeper into activity relating to the previously reported cluster of Chinese Malware Delivery domains. Spoofed...
Account Trafficking
Disinformation
Fraud
Account Trafficking Websites in December 2024
This report examines the illicit online trade of aged and verified accounts for platforms like social media, email, and Google...
C2
Malware
Chinese Malware Delivery Websites
Malicious Browsers, Messengers, VPNs, and More… Hundreds of newly registered domains are actively targeting Chinese-speaking...
CTI Grapevine Becomes DomainTools Investigations
Hello CTI Grapevine Superfriends! You may have noticed some subtle changes to our website: As of today, CTI Grapevine became part...
Phishing
Cyberhaven Breach Likely Part of a Long-Term Criminal Campaign
Overview On 27 December 2024, the technology company Cyberhaven reported that an unnamed actor replaced its Google Chrome...
Domain Hijacking
Malware
Phishing
Spam
Subdomain Takeover
Industrial Spam Network
Overview Domain hijacking attacks like subdomain takeover and SPF hijacking take advantage of vulnerable or stale configurations...
C2
Cloudflare
CloudPhish
Cyber Espionage
BlackBerry, SloppyLemming, and Guess Who...Cloudflare
On 18 November 2024, BlackBerry’s threat research team reported on a cyber espionage campaign targeting the Pakistan Navy....
APT42
Charming Kitten
Mint Sandstorm
Phishing
Fake Job Boards
Fake government job boards attempt to trick job seekers into providing personal information that may be used for fraud, phishing,...
APT42
Charming Kitten
Credentials
Iran
Mint Sandstorm
Phishing
TA453
Hunting Phishers
Ever think about the duality of fishing and hunting? Folks may argue fishing is a more passive endeavor. One sets a lure...
China
Credentials
Phishing
South Asia
Credential Phishing Pages Mimicking Legitimate Webmail Login Portals
Since 1 August 2024, a likely India-nexus targeted intrusion actor has targeted entities in China and South Asia using credential...