all InfoSec news
Network-based IOC s for the current Ivanti attacks, these were collected from a ton of MISP feeds and other threat intelligence platforms. Hope this helps someone out
Feb. 16, 2024, 7:11 p.m. | /u/Proof-Requirement-41
cybersecurity www.reddit.com
domain gpoaccess.com Suspected UTA0178 domain discovered via domain registration patterns
domain webb-institute.com Suspected UTA0178 domain discovered via domain registration patterns
domain symantke.com UTA0178 domain used to collect credentials from compromised devices
domain symantke.com WARPWIRE C2 server
domain miltonhouse.nl WARPWIRE variant C2 server
domain entraide-internationale.fr WARPWIRE variant C2 server
domain clickcom.click WARPWIRE variant C2 server
domain clicko.click WARPWIRE variant C2 server
domain duorhytm.fun WARPWIRE variant C2 server
domain line-api.com WARPWIRE variant C2 server
domain areekaweb.com WARPWIRE variant C2 …
attacks collect compromised credentials current cybersecurity domain hope intelligence ioc ivanti misp network patterns platforms registration threat threat intelligence threat intelligence platforms ton value webb
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Cyber Security Culture – Communication and Content Specialist
@ H&M Group | Stockholm, Sweden
Container Hardening, Sr. (Remote | Top Secret)
@ Rackner | San Antonio, TX
GRC and Information Security Analyst
@ Intertek | United States
Information Security Officer
@ Sopra Steria | Bristol, United Kingdom
Casual Area Security Officer South Down Area
@ TSS | County Down, United Kingdom