Discover and read the best of Twitter Threads about #FightAgainstCybercrime

Most recents (2)

Hello @Uber! We know breaches suck. Wanted to reach out and support with some interesting information on the #uberhack. If you need any more details, feel free to contact us.

#FightAgainstCybercrime
On September 16, vx-underground posted screenshots with evidence of access to #Uber internal systems, including #SentinelOne, #Slack and #AWS. The screenshots have been attributed to the threat actor teapots2022. Image
During Group-IB’s analysis of the screenshots, interesting artifacts have been found in the recently downloaded files tray. First 2 files are zip archives and have the same format: "LOGID-\d{7} with names LOGID-4952307" and "LOGID-4953756". Image
Read 9 tweets
About a week ago, @TalosSecurity team shared some insights related to a recent cyber attack on @Cisco. According to Indicators of compromise, mentioned in this article (bit.ly/3K76lFJ), we have known this group of attackers since the beginning of 2022.
Group-IB's researchers has discovered their TTPs in a series of attacks using #CobaltStrike, #Sliver and #Covenant tools. Our internal name of this group is #TridentCrow.
One of the domains that was published by @Cisco (ciscovpn2[.]com) has a self-signed SSL certificate with unique values. According to Group-IB Threat Intelligence database, out of more than 2 billion certificates, only 39 have similar values and mimic well-known IT companies. Image
Read 14 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!