The open sourced Twitter algorithm has been assigned its first CVE: CVE-2023-29218.

tl;dr denial of service via reduction of reputation score

Intel via Ax_Sharma

More information: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29218

Our malware database will be moving into beta soon. It will be free and publicly available. We will also open source it.

It is bare bones, but it will allow you to search for malware samples by hash

We did this on a budget of $0. We rely on your donations to survive.

Thank you

We will also allow individuals to upload their own malware samples discovered.

*vetted researchers, so it is not junk malware

More to come. All thanks to the hard work of guessthepw and DuchyRE

Final note: this is not meant to compete with any vendor. This is to allow individuals, researchers, or the morbidly curious, a way to get malware samples without costing a fortune.

tl;dr free education, free information

Yesterday we tweeted IntelBroker had compromised the United States Citizenship and Immigration Services by discovering a publicly exposed AWS bucket.

Today the USCIS released a public statement regarding the incident.

tl;dr they state it is a vendor provided demo account

Genesis market, the infamous initial access brokerage forum, has been seized by the United States Department of Justice in cooperation with EUROPOL in what was named "Operation Cookie Monster".

Also, this image asserts that the FBI wears hoodies while browsing the internet. Strange.

There is a void in the cyber crime marketplace. It is time vx-underground capitalizes on this.

We plan on launching our own cybercrime forum soon. It will primarily be pictures of cats.

vx-honeypot-raidforums-breached-genesis-underground.org.

The GenesisMarket domain seizure was a coordinated international effort involving 17 countries.

Registration for our malware database beta will go live later today. It is a simple way to search through our malware database.

Verified users can submit malware samples of their own.

https://vxu.fly.dev/

The National Crime Agency of the United Kingdom has released some footage of Genesis Market arrests.

The United States Department of Justice has released documents regarding the Genesis Market domain seizure.

The FBI got a copy of the Genesis Market backend December 9th, 2020. They were able to get usernames, passwords, emails, Jabber accounts, BTC addresses, etc.

You can read the full document here: https://s3.documentcloud.org/documents/23742615/genesis-market.pdf

The Polish CBZC (Central Bureau for Combating Cybercrime) has released some footage of Genesis Market arrests

Karakurt extortion group is back.

Hello.

Our new malware database is not quite ready yet. We very briefly enabled registration for testing and you nerds came flooding in. The registration was enabled for less than 15 minutes....

Are you nerds just sitting there smashing refresh? Geez.

Paper Trail Media, an investigative journalist group based out of München, has released 660 pages of Vulkan file documents.

The Vulkan files are Russian military and intelligence documents - specifically for cyberwarfare.

You can check it out here: https://www.documentcloud.org/app?q=%2Borganization%3Apaper-trail-media-40926

We've updated the vx-underground malware sample collection.

- Bazaar 2023.03
- Virusshare.00465
- 55,679 malware samples
- Named using Kaspersky naming convention

Check it out here: https://samples.vx-underground.org/samples/Blocks/

The ACRO Criminal Records Office of the United Kingdom, which manages criminal record information and the exchange of records with other countries, has been hit by ransomware.

They released a statement regarding the matter online.

Information via BrettCallow