Subtle Snail (UNC1549, TA455), an Iran-nexus espionage group linked to the Eclipsed Wasp (Charming Kitten) network, has been active since at least November 2022 - IoCs
digicat @ digicat @infosec.pub Posts 282Comments 15Joined 2 yr. ago
digicat @ digicat @infosec.pub
Posts
282
Comments
15
Joined
2 yr. ago
Linux-persistence: A no-reboot, in-memory Linux persistence PoC leveraging namespace joining, user-namespace elevation, and self‑deletion.
SCENE 1: SoupDealer - Technical Analysis of a Stealth Java Loader Used in Phishing Campaigns Targeting Türkiye
クルド人グループによる日本の組織を狙ったサイバー攻撃 - Cyber attacks by Kurdish groups targeting Japanese organizations
Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments
BamboozlEDR: A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.
Hidden Black Hands: How $1.46 Billion Disappeared in Silence - "This incident demonstrates the exceptionally targeted nature of Lazarus's attacks"
turnt: A tool designed for smuggling interactive command and control traffic through legitimate TURN servers hosted by reputable providers such as Zoom.
From The Depths of the Shadows IRGC and Hacker Collectives Of The 12-Day War
Cyber Assessment Framework v4.0 released in response to growing threat - UK
yaraast: A powerful Python library and CLI tool for parsing, analyzing, and manipulating YARA rules through Abstract Syntax Tree (AST) representation
GRITREP: Observed Malicious Driver Use Associated with Akira SonicWall Campaign
Related https://www.jpcert.or.jp/english/at/2025/at250016.html