Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Administered by:

Server stats:

224
active users

eupolicy.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

#cybersecurity

393 posts215 participants80 posts today
Public
OTX Bot

Illuminating Transparent Tribe

This analysis explores the infrastructure of APT36, also known as Transparent Tribe, using passive DNS and host response history. Starting with indicators from a CyberXTron report on a targeted phishing attack against Indian Government and Defense, the investigation expands through DNS history, IP pivoting, and host response analysis. Key findings include shared name server patterns, non-Cloudflare IP addresses, and connections to previously unreported domains. The research identifies potential new infrastructure using ETag pivoting, revealing domains with similar subdomain conventions to known Transparent Tribe assets. The methodology demonstrates the power of comprehensive DNS data and host response history in uncovering hidden connections and potential threat infrastructure.

Pulse ID: 683f3e227b61a544a68ded67
Pulse Link: otx.alienvault.com/pulse/683f3
Pulse Author: AlienVault
Created: 2025-06-03 18:25:38

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#Cloud#CyberSecurity#DNS
Public
OTX Bot

Victims risk AsyncRAT infection after being redirected to fake Booking.com sites

Cybercriminals have launched a campaign redirecting users from gaming sites and social media to fake Booking.com websites. The scam uses fake CAPTCHA prompts to trick visitors into executing malicious commands on their devices. If successful, the attack downloads and installs AsyncRAT, a backdoor Trojan that allows remote monitoring and control of infected computers. The campaign, which began in mid-May, frequently changes its final redirect destination. The malicious actors exploit the fact that 40% of people book travel through online searches, creating ample opportunities for deception. To stay safe, users are advised to be cautious of website instructions, use anti-malware solutions, employ browser extensions that block malicious domains, and consider disabling JavaScript on unknown websites.

Pulse ID: 683f4a28139ebdbc4b63fd2d
Pulse Link: otx.alienvault.com/pulse/683f4
Pulse Author: AlienVault
Created: 2025-06-03 19:16:56

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#AsyncRAT#BackDoor#Browser
Public
CybersecKyle

PSA: This is a reminder to have offline versions of your stuff!

Cloud services are good but we should be relying on them solely.

#cybersecurity #infosec #tech infosec.exchange/@fifonetworks

(Description of screenshot: a woman posted on Threads that she lost access to her Microsoft account through a combination of events, some of which she could have prevented, and now it will be thirty days before Microsoft will allow her access to her files).
Infosec ExchangeBob Young (@fifonetworks@infosec.exchange)Attached: 1 image Stop trusting cloud service providers so much. This screenshot from a post on Threads is a great example of the kinds of real-world problems people (and companies) experience when they use a cloud-only architecture, through ignorance or intentional design. Every person, and every company, needs to design their data systems architecture so that they have local control of all data. Put it in the cloud if it’s essential to your business operations, sure, but keep local copies as well. We live in a time when most systems architects don’t even consider off-cloud elements in their design. It literally does not occur to them. When I do crisis support for companies after a ransomware attack, it’s gotten to the point where I expect them to say “no” when I ask them, “Do you have any offline copies of your data?” (Description of screenshot: a woman posted on Threads that she lost access to her Microsoft account through a combination of events, some of which she could have prevented, and now it will be thirty days before Microsoft will allow her access to her files). #CallMeIfYouNeedMe #FIFONetworks #cybersecurity #DisasterPreparation #backups
Public
Chris

There is currently a wave of phishing emails going to 20i customers claiming that a domain renewal payment failed

The emails look legitimate but comes from an unconnected domain & has masked links

20i are aware of it and confirm that it started today & their abuse team are working on resolving the issue

If you or anyone you know uses 20i, be aware of this and be very careful

The renewal date listed was also wrong

Scam email pretending to be from 20i claiming that a domain name renewal failed The text reads Dear Customer, We tried to renew your services but the payment failed. The following services are due for renewal: domain name redacted We'd recommend taking the following steps: 1. Head to https://my.20i.com/account/billing-details and check your payment methods are up-to-date. 2. Try processing the renewals manually from https://my.20i.com/account/renewals. Select Renew on the services due for renewal. Sometimes your bank will require the card holder to be present for the transaction due to new Strong Customer Authentication rules, a manual renewal of the services will resolve this. If you're still having problems we'd recommend reaching out to the bank that issued the card for more information. Please note that unless action is taken in the next 14 days these products may be suspended and eventually deleted. As per our terms and conditions, non-payment isn't considered cancellation of your service, if you have any questions regarding your account or billing, please login at https://my.20i.com and select Contact Customer Services. Kind regards, The 20i Team https://www.20i.com
#scam#20i#Phishing
Public
Miguel Afonso Caetano

"EFF has joined more than 80 civil society organizations, companies, and cybersecurity experts in signing a letter urging the European Commission to change course on its recently announced “Technology Roadmap on Encryption.” The roadmap, part of the EU’s ProtectEU strategy, discusses new ways for law enforcement to access encrypted data. That framing is dangerously flawed.

Let’s be clear: there is no technical “lawful access” to end-to-end encrypted messages that preserves security and privacy. Any attempt to circumvent encryption—like client-side scanning—creates new vulnerabilities, threatening the very people governments claim to protect.

This letter is significant in not just its content, but in who signed it. The breadth of the coalition makes one thing clear: civil society and the global technical community overwhelmingly reject the idea that weakening encryption can coexist with respect for fundamental rights."

eff.org/deeplinks/2025/06/eus-

Electronic Frontier Foundation · The EU’s “Encryption Roadmap” Makes Everyone Less SafeEFF has joined more than 80 civil society organizations, companies, and cybersecurity experts in signing a letter urging the European Commission to change course on its recently announced “Technology Roadmap on Encryption.” The roadmap, part of the EU’s ProtectEU strategy, discusses new ways for...
#EU#CyberSecurity#Encryption
Public
Aircorridor

Cybersecurity pros—your health matters, too.
Long hours and high pressure can drain you fast.
airacademy.gumroad.com/l/cyber
Get the Cybersecurity & Health Medical Guide—crafted with medical experts to help you stay sharp, healthy, and resilient.
#cybersecurity #infosec #health #tech

GumroadCyber Health: A Guide to Preventing Occupational Diseases in Cybersecurity ProfessionalsCybersecurity Professionals: Prioritize Your Well-BeingIn the dynamic world of cybersecurity, your well-being is just as crucial as your technical skills. Long hours, intense focus, and constant pressure can take a toll on your health, impacting your performance and career longevity."Cybersecurity and Health: A Medical Guide for Professionals" is your essential resource for maintaining peak health and performance. Developed in collaboration with medical experts, this guide addresses the unique challenges faced by cybersecurity professionals.Key Benefits: Understand the impact of your work on your body and mind. Identify potential health risks before they become problems. Discover practical strategies to boost your energy, manage stress, and improve focus. Take proactive steps to ensure your long-term well-being and career success. Invest in yourself and your future. Claim your copy of "Cybersecurity and Health: A Medical Guide for Professionals" today – exclusively from Air Academy.Your dedication keeps us safe—let us help keep you protected.
Public
Prof. Dr. Dennis-Kenji Kipker

Eigentlich ist es nur schwer vorstellbar, dass man einer einzelnen #Cybercrime-Gruppierung 48 unterschiedliche Namen zuweisen kann.

Das liegt daran, dass die damit befassten Organisationen (also vor allem die Hersteller von Sicherheitssoftware) bislang ihre völlig eigene #Taxonomie hatten.

Nun haben sich die "Großen" wie Microsoft und Co. zusammengeschlossen, um eine einheitliche Taxonomie zu erarbeiten. Frage nur: Warum machen wir das nicht selbst?

reuters.com/sustainability/boa #cybersecurity

Public
Lenin alevski 🕵️💻

New Open-Source Tool Spotlight 🚨🚨🚨

Cortex by TheHive Project is a powerful open-source engine for observable analysis and active response. Supporting integration with MISP & TheHive, it offers 39+ analyzers to streamline DFIR tasks. Built using Scala, AngularJS, and Python for scalability. #CyberSecurity #DFIR

🔗 Project link on #GitHub 👉 github.com/TheHive-Project/Cor

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Public
Prof. Dr. Dennis-Kenji Kipker

Wenn die #Gemeindeverwaltung nur per #Handy erreichbar ist: Dass kommunale #Cybersecurity keine deutsche Stärke ist, ist bereits seit Längerem bekannt.

Demnach reiht sich mit #Ostercappeln nun akut auch die nächste Kommunalverwaltung in die Reihe kompromittierter Institutionen der öffentlichen #Daseinsvorsorge ein.

Wann die gemeindliche IT wieder benutzbar ist und damit Bürgerdienstleistungen wieder in vollem Umfang erbracht werden können, steht zurzeit noch nicht fest:
ostercappeln.de/portal/meldung

Public
Prof. Dr. Dennis-Kenji Kipker

Heute haben das #BMI und das #BKA das #Bundeslagebild #Cybercrime 2024 vorgestellt. Natürlich wird es nicht besser mit der Gesamt-Cyberbedrohungslage - was zu erwarten gewesen ist, denn weder sind #Digitalisierung noch Vernetzung zurückgegangen oder hat sich seit dem letzten Jahr die globale Gesamtsituation irgendwie zum Besseren verändert. Vor allem relevant sind die "#Auslandstaten" - denen zumeist nur durch Cybersecurity-Prävention begegnet werden kann:

intrapol.org/2025/06/03/neues- #cybersecurity

ExploreLive feeds
About