Discover and read the best of Twitter Threads about #lockbit
Most recents (8)
Vous vous souvenez de la #cyberattaque contre @OnCloud_BTEnt, au mois de mars ? Elle vient d'être revendiquée. Une revendication qui en dit long sur les attaquants.🧵
#ransomware #OSINT
lemagit.fr/actualites/365…
#ransomware #OSINT
lemagit.fr/actualites/365…
@OnCloud_BTEnt La revendication est tombée chez #ViceSociety. Mais elle ne mentionne pas @OnCloud_BTEnt ! C'est #Nerim qui est nommé. Cela n'a rien d'un hasard... 
@OnCloud_BTEnt est né au printemps 2021 du rapprochement de la branche télécommunications de #Nerim avec #Keyyo 💡
🚨 NEW REPORT ALERT
FIN7 UNVEILED: A deep dive into notorious cybercrime gang
The big day is finally here! 🎊After months of tireless research and analyses, we can present you with the most insightful information: an extensive report on the notorious #cybercrime gang #FIN7.
FIN7 UNVEILED: A deep dive into notorious cybercrime gang
The big day is finally here! 🎊After months of tireless research and analyses, we can present you with the most insightful information: an extensive report on the notorious #cybercrime gang #FIN7.
Thanks to the PTI team, we obtained never-seen-before information about FIN7’s inner workings. We got a deeper understanding of their organizational structures, identities, attack vectors, and proof-supported affiliations with other ransomware groups, among others.
The most enticing remarks of the report are:
🔹 Unveiling FIN7’s development of an auto attack system to exploit the most profitable targets based on their revenue, employee count, headquarters’ location, and website information
Read more👇
🔹 Unveiling FIN7’s development of an auto attack system to exploit the most profitable targets based on their revenue, employee count, headquarters’ location, and website information
Read more👇
The leak of a builder for #LockBitBlack might have given us an intriguing hint. Take a look at the screenshot for the default config file. See the password 123QWEqwe? Keep it in mind for now. 🧵
For most of the leaks of data stolen by #LockBit affiliates, we have a name. Like in this screenshot. In this case, it’s most likely the default name for Windows VPS machines at some hosting providers. @SHODAN data suggests that.
@SHODAN Now, where does that machine name come from? It’s set by #StealBit, the homemade exfiltration tool of #LockBit. @cybereason dug into it. cybereason.com/blog/research/…
Cet article nous apprend que l'enquête a été confiée à @CyberGEND. C'est un indice, en soit, sur le #ransomware impliqué dans l'attaque, même s'il n'est pas mentionné.
@CyberGEND Car voyez-vous, selon le #ransomware, l'enquête est traitée soit côté Gendarmerie, soit côté Police. actu-juridique.fr/app/uploads/20…
@CyberGEND Les articles de presse donnent des indices. Par exemple, celui-ci suggère que les cas #Hive sont traités côté Police. actu.fr/occitanie/toul…
Vous avez raté l'actu du week-end ? Les sites miroirs de #LockBit 3.0 font l'objet d'une attaque #DDoS depuis quelques jours ⬇️
La raison ? La divulgation des données volées lors de la #cyberattaque conduite contre #Entrust, assure l'opérateur de la franchise #LockBit, logs de requêtes à l'appui ! 😲
Faudrait-il y voir une forme de #HackBack ?
Faudrait-il y voir une forme de #HackBack ?
Qu'a donc divulgué #LockBit, vendredi soir ? Des fichiers attribués à @Entrust_Corp, par l'attaquant, assortis d'un nombre, inégalé à ce jour, de 30 captures d'illustration, portant notamment sur ce qui ressemble à des données commerciales. Mais pas que...
#LockBit uploaded their statement:
"Many people ask us, will our international community of post-paid pentesters, threaten the west on critical infrastructure in response to cyber aggression against Russia?" ...🧵
"Many people ask us, will our international community of post-paid pentesters, threaten the west on critical infrastructure in response to cyber aggression against Russia?" ...🧵
"Our community consists of many nationalities of the world, most of our pentesters are from the CIS including Russians and Ukrainians, but we also have Americans, Englishmen, Chinese, French, Arabs, Jews, and many others in our team."
"Our programmers developers live permanently around the world in China, the United States, Canada, Russia and Switzerland. Our servers are located in the Netherlands and the Seychelles, we are all simple and peaceful people, we are all Earthlings."
A major civil war going on the Russian cyber-criminal underground between the #Lockbit #Blackmatter #ransomware groups and other threat actors! @TalosSecurity
After alleging for a long time that Kajit, the former owner of RAMP is a cop, LockBittSupp posted a massive bombshell t0 XSS(DaMaGe LaB) Russian hacking forum
LockBitSupp (#lockbit #ransomware) just shared proof of conversations between vx-underground and Kajit proving that Kajit was the one who leaked the BlackMatter admin panel. What is interesting is that the admin panel was shared with wazawaka/boriselicin
1/
𝗨𝗣𝗗𝗔𝗧𝗘 @Accenture @Accentureitalia
7° giorno D. ADC
Se avete seguito la vicenda, conoscerete la storia dello scoop mondiale a firma @arturodicorinto per #ItalianTech (@GEDIspa)
Sintesi in due screenshot:
𝗨𝗣𝗗𝗔𝗧𝗘 @Accenture @Accentureitalia
7° giorno D. ADC
Se avete seguito la vicenda, conoscerete la storia dello scoop mondiale a firma @arturodicorinto per #ItalianTech (@GEDIspa)
Sintesi in due screenshot:
2/
Negli ultimi 3 giorni ho chiesto, prima ad @arturodicorinto e successivamente a @RiccardoLuna di spiegare CHI e DOVE avrebbe pubblicato 63 TB di dati di #Accenture, perché la notizia non trova riscontro su nessun altro organo d'informazione del pianeta
Negli ultimi 3 giorni ho chiesto, prima ad @arturodicorinto e successivamente a @RiccardoLuna di spiegare CHI e DOVE avrebbe pubblicato 63 TB di dati di #Accenture, perché la notizia non trova riscontro su nessun altro organo d'informazione del pianeta
3/
Ieri, sia @RiccardoLuna (Direttore Responsabile di #ItalianTech) che @arturodicorinto (firmatario dello scoop mondiale) annunciavano "un comunicato da parte dell'Azienda" (devo presumere @Accenture).
Comunicato di cui non c'è traccia (saranno in ferie).
Ieri, sia @RiccardoLuna (Direttore Responsabile di #ItalianTech) che @arturodicorinto (firmatario dello scoop mondiale) annunciavano "un comunicato da parte dell'Azienda" (devo presumere @Accenture).
Comunicato di cui non c'è traccia (saranno in ferie).
