The new wave of attacks on Iranian organizations: the release of infected files through the mirror links of the Soft98 website
https://news.amnpardaz.com/1404/10/17868/%da%a9%d9%85%d9%be%db%8c%d9%86-%d8%ac%d8%af%db%8c%d8%af-%d8%a8%d8%af%d8%a7%d9%81%d8%b2%d8%a7%d8%b1%db%8c-%d8%a7%d8%b3%d8%aa%d9%81%d8%a7%d8%af%d9%87-%d8%a7%d8%b2-soft98-%d8%a8%d9%87%d8%b9/
😁7
Forwarded from RME-DisCo @ UNIZAR [www.reversea.me]
Reverse-engineering the Yamaha DX7 synthesizer's sound chip from die photos http://www.righto.com/2021/11/reverse-engineering-yamaha-dx7.html?m=1
Righto
Reverse-engineering the Yamaha DX7 synthesizer's sound chip from die photos
The Yamaha DX7 digital synthesizer was released in 1983 and became "one of the most important advances in the history of modern popular mu...
👍3
Forwarded from APT IRAN
طبق بررسیهایی که انجام دادیم، از دیروز چندین آیپی از کشور امارات متحده عربی شروع به یک حمله سایبری سازمانیافته علیه سیستم ردیابی پیشرفتهای به نام MammutConnect کردند. این سیستم در واقع یک پلتفرم پیشرفته برای ردیابی و مدیریت ناوگان حملونقل سنگین و... در سطح کشور است که روی خودروهای سنگین مثل کامیونها و اتوبوسها نصب شده.
مهاجمین به سرورهای مرکزی این سیستم که روی سرویس ابری ایرانی "ابرآروان" قرار دارد، نفوذ کردند و اقدام به پاکسازی کامل اطلاعات (Data Wiping) کردند. این اطلاعات شامل موقعیتهای لحظهای خودروها، دادههای فنی موتور، مصرف سوخت، رفتار رانندگان و سایر اطلاعات حیاتی بود
مهاجمین به سرورهای مرکزی این سیستم که روی سرویس ابری ایرانی "ابرآروان" قرار دارد، نفوذ کردند و اقدام به پاکسازی کامل اطلاعات (Data Wiping) کردند. این اطلاعات شامل موقعیتهای لحظهای خودروها، دادههای فنی موتور، مصرف سوخت، رفتار رانندگان و سایر اطلاعات حیاتی بود
❤1
APT IRAN
Photo
Attribution base on IP address is bad idea
Here is cool report about UAE APT , "Stealth Falcon".
https://research.checkpoint.com/2025/stealth-falcon-zero-day/
Here is cool report about UAE APT , "Stealth Falcon".
https://research.checkpoint.com/2025/stealth-falcon-zero-day/
❤4
a little "toolbox" of a Chinese red-team/pen-tester
https://netaskari.substack.com/p/whats-in-the-box
https://netaskari.substack.com/p/whats-in-the-box
👾4👍2❤1
#Venezuela
any professional security guy from Venezuela?
i'm looking for any technical details about following cyber incidents.
1- BGP Anomalies
2- Petróleos de Venezuela (PDVSA)
plz send a direct message i'm open to cooperate and TI sharing.
any professional security guy from Venezuela?
i'm looking for any technical details about following cyber incidents.
2- Petróleos de Venezuela (PDVSA)
plz send a direct message i'm open to cooperate and TI sharing.
❤4🔥1😁1🤯1
Denmark’s Military Intelligence (FE) warned officials to stop using Bluetooth headphones on duty due to eavesdropping risks, advising them to completely power off devices. This appears to be related to recent vulnerabilities in BT pairing.
https://whisperpair.eu/
https://whisperpair.eu/
😁5❤1👍1
Forwarded from Freedom Fox 🏴☠
Please open Telegram to view this post
VIEW IN TELEGRAM
👍2
Starlink Star-Earth Asset Collection and Detection Framework Seestar and Starlink Star-Earth Intelligence Data Collection
https://mp.weixin.qq.com/s?__biz=MzkwNjM4NTg4OQ==&mid=2247495727&idx=1&sn=30b9ff98d3f76c09882ff922aa2b5f57
https://mp.weixin.qq.com/s?__biz=MzkwNjM4NTg4OQ==&mid=2247495727&idx=1&sn=30b9ff98d3f76c09882ff922aa2b5f57
👍3
Source Byte
Starlink Star-Earth Asset Collection and Detection Framework Seestar and Starlink Star-Earth Intelligence Data Collection https://mp.weixin.qq.com/s?__biz=MzkwNjM4NTg4OQ==&mid=2247495727&idx=1&sn=30b9ff98d3f76c09882ff922aa2b5f57
This media is not supported in your browser
VIEW IN TELEGRAM
Virus disguised Sogou input method, malicious noscript embedded in formal signature
https://zhuanlan.zhihu.com/p/1949553669189116360
https://zhuanlan.zhihu.com/p/1949553669189116360
👍3
Forwarded from Malware, Cats and Cryptography
GRAPH_RU-APT-ChainReaver-L_Report_EN.pdf
36.9 MB
The CTI team at Graph Inc. has successfully identified and tracked a large-scale campaign leveraging a supply chain attack, which spreads globally through the compromise of mirror websites and the poisoning of trusted Git repositories, backed by a large and well-structured infrastructure, multiple malware families, and advanced infostealer techniques.
The campaign represents a new level of operational maturity, combining:
- Compromised legitimate websites & GitHub repositories
- Cross-platform malware delivery at scale
- Credential, document, browser data, and access-token theft
- Evasion techniques designed to bypass traditional security controls
#apt #iran #hacking #malware #github #threathunting #threatintel
The campaign represents a new level of operational maturity, combining:
- Compromised legitimate websites & GitHub repositories
- Cross-platform malware delivery at scale
- Credential, document, browser data, and access-token theft
- Evasion techniques designed to bypass traditional security controls
#apt #iran #hacking #malware #github #threathunting #threatintel
❤7👍5👎3🔥1
The Central Bank of Iran has acquired US dollar stablecoins worth at least half a billion dollars
https://www.elliptic.co/blog/iran-has-acquired-us-dollar-stablecoins-worth-at-least-half-a-billion-dollars
https://www.elliptic.co/blog/iran-has-acquired-us-dollar-stablecoins-worth-at-least-half-a-billion-dollars
🤔3
Coinicap
هشدار: هر روز بیشتر از قبل به رقم 1میلیارد دلار مسدودی نزدیک میشیم ولی صدایی از هیچ نهاد، انجمن یا رسانه ای در نمیاد. جبران این حجم از مسدود سازی به هیچ عنوان برای بخش خصوصی قابل تصور هم نیست.
according to Coincap around 1 billion dollars being blocked by tether company !
following addresses are leaked and publicly available,this wallet addresses are related to Iran Central bank , even with small trace you can reach final node of this money flow which leads to Iran local crypto exchanges ! it's so scary Iran Gov still relay on Emirati companies to bypass sanctions, aren't they an ally to Israel ?
source : link
following addresses are leaked and publicly available,this wallet addresses are related to Iran Central bank , even with small trace you can reach final node of this money flow which leads to Iran local crypto exchanges ! it's so scary Iran Gov still relay on Emirati companies to bypass sanctions, aren't they an ally to Israel ?
TBaxHwoXQjAmiNZgRKECoA3b6fsrtmoZvB
THwJSxR9qREsgEQjX1cpRw4Rw9WbmPSHVh
source : link
👍3