Glider

@0xglid3r

All things malware

38 Followers · 98 Following · 29 Posts · Joined 10.11.2023

Latest posts by Glider @0xglid3r

Are you looking at a non-GDPR-compliant ASN for the first time?

19.10.2025 05:20 👍 0 🔁 0 💬 1 📌 0

Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks #cybersecurity #infosec #privacy #news thehackernews.com/20...

19.03.2024 15:12 👍 0 🔁 1 💬 0 📌 0


#LockBit ransomware secretly building next-gen encryptor before takedown
#PotatoSecurity #Ransomware
www.bleepingcomputer.com/news/securit...

23.02.2024 00:10 👍 1 🔁 2 💬 0 📌 0

Slowly, steadily!

13.02.2024 08:20 👍 0 🔁 0 💬 0 📌 0

A Threat Actor operating under the name "Poopingman" has compromised "JoinTheRealWorld" also known as "Hustler's University". It is a website owned by Andrew Tate.

Well that sure is a collection of words isn’t it

06.02.2024 23:25 👍 558 🔁 72 💬 41 📌 11

🚨 After the FBI shut down the KV-botnet network, the malware operators attempted to bounce back by restructuring their operations and engaging with thousands of IP addresses.
themashernews.com/2024/02/afte...
#potatosecurity #malware #informationsecurity

07.02.2024 20:16 👍 1 🔁 1 💬 0 📌 0

Heads-up to anyone running a Wordpress site. If you get a very convincing looking email from “The Wordpress Security Team” about a vulnerability and the message: “We urge you to install the CVE-2024-46188 Patch without any delay”

DO NOT INSTALL!

It’s a scam. The download is malware. DO NOT INSTALL.

03.02.2024 19:58 👍 9 🔁 7 💬 0 📌 0

Cloudflare hacked using auth tokens stolen in Okta attack Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code managem...


"we believe this attack was performed by a nation state with the goal of obtaining persistent and widespread access to Cloudflare global network"

#Okta #cloudflare #Atlassian #Confluence #jira #Bitbucket #software #breach #security #cybersecurity #hacking

www.bleepingcomputer.com/news/securit...

02.02.2024 15:43 👍 2 🔁 1 💬 0 📌 0

GitHub - EvilGreys/XLL-DROPPER-: XLL DROPPER | Learn to create Native xll Dropper

Want to learn how to create a native XLL dropper?

30.01.2024 01:49 👍 0 🔁 0 💬 0 📌 0

GitHub - Uri3n/Thread-Pool-Injection-PoC: Proof of concept code for thread pool based process injection in Windows.

Proof of concept code for thread pool based process injection in Windows.

28.01.2024 15:57 👍 0 🔁 0 💬 0 📌 0

Release New Features · 22XploiterCrew-Team/Gel4y-Mini-Shell-Backdoor Features [UPDATED] Command Shell Zip Upload (Auto Extract) Obfuscated Code (not a feature in webshell) Multiple File Upload Create Folder and File File Download Full Changelog: v1.2...v1.3

A php-based webshell. The code has been obfuscated to bypass static malware scans.

28.01.2024 15:55 👍 0 🔁 0 💬 0 📌 0

Useful websites collecting Linux kernel syscall tables for various architectures and kernel versions

arm64.syscall.sh

syscalls.mebeim.net

#Linux #infosec

28.01.2024 08:56 👍 2 🔁 1 💬 0 📌 0

Unsurprisingly lots of Fortra GoAnywhere MFT CVE-2024-0204 related exploit attempts (based on public PoC exploit) happening. Over 120 IPs seen so far ... However, we think unlikely these will be successful on larger scale as not many admin portals exposed (only ~50, most patched)

25.01.2024 10:58 👍 3 🔁 3 💬 1 📌 0

Spica Uncovered: Google’s Response to Russian APT ColdRiver’s Latest Malware | By Lauren LaPorta | Russian advanced persistent threat ColdRiver has expanded and evolved its phishing campaigns against Western officials and allies of Ukraine through the deployment of a new custo...

Russian advanced persistent threat (APT) #ColdRiver has expanded its phishing campaign against Western officials and allies of #Ukraine via deployment of a new custom backdoor, #Spica, while Google's Threat Analysis Group pushes back against #hackers. #cybersecurity #malware #Russia bit.ly/4b9WxI3

27.01.2024 04:18 👍 1 🔁 2 💬 0 📌 0

Wyden Releases Documents Confirming the NSA Buys Americans' Internet Browsing Records

26.01.2024 22:16 👍 1 🔁 1 💬 0 📌 0

TweetFeed

List of IOCs shared today by the #infosec community at Twitter:
- domains
- URLs
- IPs
- SHA256/MD5 hashes

tweetfeed.live

Creator twitter.com/0xDanielLopez

23.01.2024 08:45 👍 4 🔁 3 💬 0 📌 0

OpenAl be like, "Ight imma head out".

23.01.2024 01:11 👍 1 🔁 0 💬 1 📌 0

Would be interesting to see how that trains Linkedin's AI algorithm 🤣

23.01.2024 00:59 👍 1 🔁 0 💬 1 📌 0

On the other hand, I have also seen people who intentionally mess with the algorithm by adding the wildest contributions.

For instance, a question about how SOC teams can manage certain alerts was answered by someone with "Delete the internet. That's the cause of all our problems."

23.01.2024 00:57 👍 1 🔁 0 💬 1 📌 0

Apart from the collaborative article thingy, yes.
It's fun watching people pour in decades of experience in a collaborative article, which linkedin will subsequently use to train its own AI 😆

23.01.2024 00:26 👍 1 🔁 0 💬 1 📌 0

Ngl, silverblue is nice

23.01.2024 00:24 👍 1 🔁 0 💬 0 📌 0

You gotta tune the algo. Every time I see "inspiration porn", my reflex is to click on "Not Interested".

Took a few weeks, but linkedin gets me now.

22.01.2024 23:51 👍 2 🔁 0 💬 1 📌 0

Yes! Even though the concept has been around for ages, we haven't seen a mass adoption among corps.

22.01.2024 23:26 👍 0 🔁 0 💬 0 📌 0

GreyNoise Visualizer At GreyNoise, we collect and analyze untargeted, widespread, and opportunistic scan and attack activity that reaches every server directly connected to the Internet.

The attack is ongoing for unpatched servers, with the most used commands being "whoami" and "cat /etc/shadow".

22.01.2024 23:21 👍 1 🔁 0 💬 0 📌 0

We are detecting activity for CVE-2023-22527, which relates to a critical Atlassian Confluence Template Injection RCE vulnerability. So far, commands are focused on `id` `whoami` and `cat /etc/shadow` - Patch before it's too late!

viz.greynoise.io/tag...

22.01.2024 19:53 👍 3 🔁 2 💬 0 📌 0

We are seeing Atlassian Confluence CVE-2023-22527 pre-auth template injection RCE attempts since 2024-01-19. Over 600 IPs seen attacking so far (testing callback attempts and 'whoami' execution).

Vulnerability affects out of date versions of Confluence:
confluence.atlassian.com/security/cve...

22.01.2024 10:12 👍 3 🔁 2 💬 1 📌 1

Data Science and Cybersecurity are hot topics that pay well.

22.01.2024 02:40 👍 1 🔁 0 💬 0 📌 0

Astounding (Blackforums admin) is working on developing a new C++ ransomware known as "TerrorLocker".

22.01.2024 02:37 👍 1 🔁 0 💬 0 📌 0