decio@infosec.exchange
Posts
-
IT comrades, let us all spare an emotional thought for all those backups that - are running in a void. -
@ptl personally, I'm afraid to test my backups.
I live in the Schrödinger's backup paradox:
as long as I don't restore them, they are both valid… and completely unusable.
-
Ah interesting: there is indeed at least one C2 server still up in CH for the Belarusian ResidentBat spyware. (https://censys.com/blog/residentbat-belarusian-kgb-android-spyware/)
( Query used:
app.http.headermd5:"78bee3c04822d03e0f8f606120771d83" issuer.commonname:"server" )
A strange coincidence, ...or not a coincidence at all, this IP was previously linked in 2022 to a Russian group/website opposing the war in Ukraine...
-
(actionable not delayed #CTI)
sharing is caring
[ergo marketing CTI is not intelligence]
"Threat intelligence supply chain is full of weak links, researchers find"
..."The paper points out that threat intelligence is a big business, but that the quality of information available is not great because different stakeholders release different data.
They reached that conclusion after creating “benign yet suspicious binaries” and sharing them with 30 security vendors. The binaries included code that allowed the researchers to track how the vendors shared the packages.
That experiment revealed that 67 percent of infosec vendors conduct sandbox analysis of newly discovered malware, but only 17 percent share any threat intelligence they gather with that technique. They also found that many researchers share indicators of compromise, but few share binaries that would let other researchers and defenders develop a better understanding of attacks."
"Threat intelligence supply chain is full of weak links, researchers find"
https://www.theregister.com/2026/02/25/threat_intelligence_supply_chain_research/
"Actively Understanding the Dynamics and Risks of the Threat Intelligence Ecosystem"
"By analyzing each stage of the propagation chain of submitted TI (submission, extraction, sharing, and disruption), we uncover an ecosystem where dissemination almost always leads to the disruption of threats, but vendors who selectively share the TI they extract limit the ecosystem's utility. Further, we find that attempts to curtail threats are often slowed by 'bottleneck' vendors delaying the sharing of TI by hours to days."
https://www.ndss-symposium.org/ndss-paper/actively-understanding-the-dynamics-and-risks-of-the-threat-intelligence-ecosystem/ -
[France] "Illegitimate access to the national bank accounts file (FICOBA)" 👇
https://presse.economie.gouv.fr/acces-illegitimes-au-fichier-national-des-comptes-bancaires-ficoba/
validated.