Discover and read the best of Twitter Threads about #C2

Most recent (4)

The attack on the #Kerch Bridge is likely to go down in military history: the timing (1), the intelligence picture (2), the technical execution (3) and the immediate dissemination of imagery (4) all imply precise planning based on total information superiority. (1/5)
1. Timing: The attack symbolically takes place on #Putin's birthday, but it also comes at the right moment #operationally. The direct supply route from #Russia towards the #Kherson front is cut. The alternative routes lie within #Ukraine's artillery range. (2/5)
2. Intelligence picture: The train carrying #fuel had to be detected and tracked long before it arrived on the bridge. That is only possible with superior #sensors and #command (#C2). (3/5)
#apt37 #goldbackdoor #loader active #C2
- SHA256: bd4ef6fae7f29def8e5894bf05057653248f009422de85c1e425d04a0b2df258
- C2: hxxps://dallynk.com/wp-sup3
- Encoded Child SHA256: a81b38cda1ad1a1ed2cfc9647e678831fe77500da8ce095667ca5a7d93f8e732
- Child Endpoints (possibly google api key): hxxps://dallynk.com/4332.hwp, hxxp://asplinc.com/xe/modules/page/queries/query_read.dsql, hxxp://www.bsef.or.kr/board/upfile/bbsB/166737125620120323174332.hwp
- Endpoints appear to be compromised.
- All 3 endpoints download same SHA256: 5b1536c4ca22bc202543afea51279c78fa6033b393e86f2b97750ddfd4d8b263
- Decoded Child contains embedded 3 encoded (simple xor) modules, #shellcode loader/#infostealer/#keylogger
#Sidewinder #APT

It seems that #Indian APTs have been waging war on #Pakistan with the same payloads over and over again. Meanwhile, the Pakistani #Government and #Military are either helpless or over-occupied. Following is another new sample that goes ages back.
A variant of this sample has been attributed to #Sidewinder #APT by the Govt. of Pak. The #malware is deployed using the shared image in a #phishing email, using a similar methodology to that of [image]
DOCX MD5: 2a6249bc69463921ada1e960e3eea589 (Mech 8 ZIRC0N-TSIRK0N.doc)
#Exploit: hashcheck[.]xyz/PY8997/yrql/plqs
RTF MD5: 7c11d5125c3fb167cca82ff8b539e3c7 (plqs)
#C2: sportfunk[.]xyz/topaz/foti
CVE-2017-11882 [image]
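Both the #apt37 and the #Sidewinder threads above publish their network indicators defanged (`hxxp://`, `[.]`). The script below is an added example, not code from either thread's author: it refangs those indicators and sweeps a proxy log for them, distinguishing an exact host-and-path match from a host-only match. That distinction matters for the endpoints the first thread flags as compromised legitimate sites (for example bsef.or.kr), where a host-only hit will also catch benign browsing. The log lines and their `<timestamp> <client ip> <method> <url>` layout are constructed here for illustration; adapt `LOG_RE` to your proxy's format.

```python
"""Refang the threads' indicators and match them against proxy log lines.

Added example. Log lines and their field layout are constructed, not real data.
"""
import re
from urllib.parse import urlsplit

# Defanging conventions used in the threads above: hxxp(s):// and [.]
DEFANG_RULES = [
    (re.compile(r"hxxp(s?)://", re.IGNORECASE), r"http\1://"),
    (re.compile(r"\[\.\]"), "."),
]


def refang(ioc: str) -> str:
    """'hxxps://dallynk.com/wp-sup3' -> 'https://dallynk.com/wp-sup3'.

    Scheme-less entries such as 'sportfunk[.]xyz/topaz/foti' get http:// so they parse.
    """
    out = ioc.strip()
    for pat, rep in DEFANG_RULES:
        out = pat.sub(rep, out)
    if "://" not in out:
        out = "http://" + out
    return out


def host_path(url: str) -> tuple[str, str]:
    """(lower-cased host, path) of a URL; this pair is the match key."""
    parts = urlsplit(url)
    return ((parts.hostname or "").lower(), parts.path or "/")


# Indicators copied from the #apt37 and #Sidewinder threads above
THREAD_IOCS = [
    "hxxps://dallynk.com/wp-sup3",
    "hxxps://dallynk.com/4332.hwp",
    "hxxp://asplinc.com/xe/modules/page/queries/query_read.dsql",
    "hxxp://www.bsef.or.kr/board/upfile/bbsB/166737125620120323174332.hwp",
    "hashcheck[.]xyz/PY8997/yrql/plqs",
    "sportfunk[.]xyz/topaz/foti",
]

# Constructed proxy log lines (not real traffic): "<timestamp> <client ip> <method> <url>"
SAMPLE_LOG = [
    "2022-11-02T09:14:03Z 10.1.4.22 GET https://dallynk.com/wp-sup3",
    "2022-11-02T09:14:05Z 10.1.4.22 GET http://www.bsef.or.kr/board/upfile/bbsB/166737125620120323174332.hwp",
    "2022-11-02T09:15:10Z 10.1.7.9 GET http://www.bsef.or.kr/index.php",
    "2022-11-02T09:16:41Z 10.1.2.3 GET https://www.google.com/",
    "2022-11-02T09:17:00Z 10.1.5.5 POST http://sportfunk.xyz/topaz/foti",
]

LOG_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)")


def match_proxy_log(lines, iocs=THREAD_IOCS):
    """Return (timestamp, client, host, kind) for each line that touches an indicator.

    kind is 'exact' when host and path both match an indicator and 'host' when only
    the host matches; host-only hits on compromised legitimate sites need triage.
    """
    exact = {host_path(refang(i)) for i in iocs}
    hosts = {h for h, _ in exact}
    out = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skipped here, count these in production
        host, path = host_path(m["url"])
        if (host, path) in exact:
            out.append((m["ts"], m["client"], host, "exact"))
        elif host in hosts:
            out.append((m["ts"], m["client"], host, "host"))
    return out


if __name__ == "__main__":
    for ts, client, host, kind in match_proxy_log(SAMPLE_LOG):
        print(f"{ts} {client} -> {host} [{kind}]")
```

The matcher keys on host and path only, so a `www.` prefix or a different scheme in the log does not cause a miss for the path-level indicators, but a bare `bsef.or.kr` would; add both forms to the list if your proxy normalises hostnames.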
The Caribbean is where all the beautiful people go in the winter, and their yachts predictably show up near their business associates and friends (other Billionaires).

You'll notice they don't hide, they have their transponders on 24x7, AIS-T and AIS-S.

The start of a recap:
🇧🇲 Bermuda-flagged 113m (~370') yacht Le Grand Bleu (IMO:1006829|MMSI:310380000|CS:ZCDF7) owned by Eugene Shvidler

#EugeneShvidler #LeGrandBleu #AIS
marinetraffic.com/en/ais/details…
🇧🇲 Bermuda-flagged 163m (~530') yacht Eclipse (IMO:1009613|MMSI:310593000|CS:ZCDX4) owned by Roman Abramovich

#RomanAbramovich #Eclipse #AIS
marinetraffic.com/en/ais/details…
