  • 0 Votes
    1 Posts
    1 Views
    eddietorial@infosec.exchange
    ThreatIntelChecker: a cross-platform Python and PowerShell tool that checks IPs, domains, URLs, and SHA256 hashes across VirusTotal, AbuseIPDB, Shodan InternetDB, GreyNoise, CIRCL hashlookup, URLScan, and OS-level DNS and WHOIS enrichment.
    The output is Splunk-compatible key=value pairs, one event per line, piped directly to stdout. Designed for SOC triage, IR enrichment, and SOAR playbook integration. No paid APIs required.
    https://github.com/eddietorial/ThreatIntelChecker
    #SOC #ThreatIntelligence #BlueTeam #SIEM #Splunk #Python #PowerShell #CyberSecurity
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog posts!
    Group name: akira
    Post title: Alva Manufacturing
    Info: https://cti.fyi/groups/akira.html
    Group name: qilin
    Post title: Heartland Steel Products
    Info: https://cti.fyi/groups/qilin.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: qilin
    Post title: Roman Catholic Archdiocese of St John
    Info: https://cti.fyi/groups/qilin.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    ifin@infosec.exchange
    Today we're talking about another (???) issue in the Cursor AI IDE. Well actually it's two issues, one of which is simple command injection; the other is takeover via Dev tunnels. Don't know what dev tunnels are? Come find out—then block them with extreme prejudice.
    https://discourse.ifin.network/t/cursors-remote-tunnel-capability-is-vulnerable-to-malicious-prompt-injection/295
    #IFIN #ThreatIntel #ThreatIntelligence
  • 0 Votes
    1 Posts
    0 Views
    hackerworkspace@infosec.exchange
    DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy
    https://research.checkpoint.com/2026/dfir-report-the-gentlemen/
    Read on HackerWorkspace: https://hackerworkspace.com/article/dfir-report-the-gentlemen-systembc-a-sneak-peek-behind-the-proxy
    #cybersecurity #incidentresponse #threatintelligence
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog posts!
    Group name: akira
    Post title: Integra Architecture
    Info: https://cti.fyi/groups/akira.html
    Group name: krybit
    Post title: imbriefamilylaw.com
    Info: https://cti.fyi/groups/krybit.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    bsidesluxembourg@infosec.exchange
    Inside the Tech: New Talk Added to BSides Luxembourg
    MASTERING INCIDENT RESPONSE WITH KANVAS – Ardit Beu
    Bring clarity to chaos in this hands-on 40-minute talk focused on modern incident response workflows. Discover how Kanvas transforms scattered investigations into structured, visual timelines—replacing messy spreadsheets with a unified, collaborative workspace.
    From case management and attack chain mapping to threat intelligence lookups and reporting, this session showcases how open-source tooling can streamline IR, improve team collaboration, and accelerate investigations. Whether you're mapping MITRE ATT&CK or leveraging LLM-assisted workflows, this is a practical deep dive into making incident response faster and smarter.
    Ardit Beu is an Information Security Specialist at ESET with expertise in incident response, threat hunting, and security monitoring. His work focuses on improving real-world investigation workflows and empowering teams with practical, effective tooling.
    Conference Dates: 6–8 May 2026 | 09:00–18:00
    14, Porte de France, Esch-sur-Alzette, Luxembourg
    Tickets: https://2026.bsides.lu/tickets/
    Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026
    #BSidesLuxembourg2026 #IncidentResponse #ThreatIntelligence #DFIR #CyberSecurity #OpenSource
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: krybit
    Post title: rhode-hv.de
    Info: https://cti.fyi/groups/krybit.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    ifin@infosec.exchange
    We've been tracking #Iran cyber activity since the beginning of March, consolidating high-value intelligence into a single thread. One of the most comprehensive resources on the topic, if we do say so ourselves.
    https://discourse.ifin.network/t/iran-conflict-cyber-threat-activity/145/
    #ThreatIntel #ThreatIntelligence #IFIN
  • 0 Votes
    1 Posts
    7 Views
    bsidesluxembourg@infosec.exchange
    Inside the Tech: New Talk Added to BSides Luxembourg
    THE FORGOTTEN FINGERPRINT: DNS BASED OSINT TECHNIQUES FOR PRODUCT & SERVICE DISCOVERY – Rishi ( @rxerium )
    Reveal hidden infrastructure in a Talk (40 min) using DNS TXT records to map technologies, dependencies, and external services at scale.
    DNS is often treated as infrastructure plumbing, but TXT records quietly expose far more than most defenders realize. This session introduces a DNS-based OSINT methodology that leverages large-scale TXT record analysis to uncover embedded service dependencies such as cloud platforms, SaaS integrations, and identity providers.
    By programmatically scanning DNS zones and integrating the technique into tools like Nuclei and OWASP Amass, this approach enables security teams to build detailed maps of organizational technology stacks and attack surfaces. A real-world case study from the Salesloft breach demonstrates how these signals translate into actionable intelligence for both offensive and defensive use cases.
    Rishi ( @rxerium ) is a London-based security researcher focused on vulnerability research, threat intelligence, and OSINT-driven attack surface discovery. He contributes to open-source security tooling, supports the UK OSINT community, and focuses on building scalable reconnaissance and detection methodologies.
    Conference Dates: 6–8 May 2026 | 09:00–18:00
    14, Porte de France, Esch-sur-Alzette, Luxembourg
    Tickets: https://2026.bsides.lu/tickets/
    Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/
    View full schedule & build your agenda: https://hackertracker.app/schedule?conf=BSIDESLUX2026
    #BSidesLuxembourg2026 #OSINT #DNS #AttackSurface #ThreatIntelligence #CyberSecurity
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog posts!
    Group name: linkc
    Post title: Network Technology Services of New Jersey
    Info: https://cti.fyi/groups/linkc.html
    Group name: linkc
    Post title: StrongLink
    Info: https://cti.fyi/groups/linkc.html
    Group name: linkc
    Post title: Sajet Products
    Info: https://cti.fyi/groups/linkc.html
    Group name: gunra
    Post title: KUKJE PHARM CO.,LTD
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: bkksky.com
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: triotech.com.sg
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: ASPShips
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Diamond
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: VINTAGE HOMESTEAD GmbHy
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Envy Recycling
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Ventilaciones Nerual, S.L.
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Eric Davis Dental
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: INCARFE S.L.
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: NeoDerm
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Ipiranga Contábil
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Grupo PyD
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Thai Petroleum & Trading Co., Ltd.
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: El Ezh Building Contracting LLC
    Info: https://cti.fyi/groups/gunra.html
    Group name: gunra
    Post title: Frontier Financial Group
    Info: https://cti.fyi/groups/gunra.html
    Group name: SilentRansomGroup
    Post title: Fagen Friedman & Fulfrost LLP
    Info: https://cti.fyi/groups/SilentRansomGroup.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: crypto24
    Post title: Qatar Biomedical Research Institute (QBRI)
    Info: https://cti.fyi/groups/crypto24.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: safepay
    Post title: bbalawgroup.com
    Info: https://cti.fyi/groups/safepay.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: safepay
    Post title: cheeky.com.ar
    Info: https://cti.fyi/groups/safepay.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: safepay
    Post title: firstcambodia.com.kh
    Info: https://cti.fyi/groups/safepay.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: safepay
    Post title: abfall-kreis-kassel.de
    Info: https://cti.fyi/groups/safepay.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: safepay
    Post title: genealogysa.org.au
    Info: https://cti.fyi/groups/safepay.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: safepay
    Post title: lynxprecast.co.uk
    Info: https://cti.fyi/groups/safepay.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: safepay
    Post title: favellefavco.com
    Info: https://cti.fyi/groups/safepay.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec