#ICS

Calling all papers (cfp@callingallpapers.com)
2026-03-14

24 hours until the CfP for "Security BSides Knoxville 2026" closes: papercall.io/cfps/6517/submiss

#cfp #conference #Offensive security #Defensive security #Application security #Intelligence #Malware #Exploit development #Social engineering #Security management #Grc #Ciso #Dfir #Soc #Osint #Breaking into industry #Physical pen testing #Body hacking #Red team #Blue team #Human factors #Hardware #Soft skills #Management #Appsec #Ics/scada

2026-03-14
Japan-Finland co-produced drama "連続ドラマW BLOOD & SWEAT": interview & making-of [WOWOW]
Offensive Sequence (offseq@infosec.exchange)
2026-03-13

🚨 CRITICAL: CVE-2026-3611 impacts Honeywell IQ4E (v3.50_3.44) — missing web HMI authentication lets remote attackers create admin accounts, lock out operators, and control building systems. Restrict access & create user accounts ASAP. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Honeywell

Critical threat: CVE-2026-3611: CWE-306 Missing authentication for critical function in Honeywell IQ4E
2026-03-11

Dance practice evening

Cologne Dance Center, Thursday, March 12 at 07:00 PM GMT+1

The turnout for Blowzabella will certainly be large. So on this evening we will repeat and go deeper into important dances, including:

– Chapeloise

– Fröhlicher Kreis

– Bourree

– Waltz

– Scottisch

balfolk.jetzt/event/tanzlernab

2026-03-10

Quiz sites trick users into enabling unwanted browser notifications

Users are being tricked into enabling unwanted browser notifications through quiz websites. These sites challenge visitors with quizzes on various topics, but their main goal is to get users to click 'Start the quiz' button. This action triggers a misleading prompt that tricks users into allowing notifications. Once enabled, these notifications can display advertisements, scams, or unwanted downloads even when the user is not on the original website. The article provides instructions on how to remove and block web push notifications across different browsers, including Chrome, Firefox, Opera, Edge, and Safari. It also lists several domains associated with this deceptive campaign.

Pulse ID: 69b014fc00119187bccbf395
Pulse Link: otx.alienvault.com/pulse/69b01
Pulse Author: AlienVault
Created: 2026-03-10 12:56:28

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #Chrome #CyberSecurity #Edge #FireFox #ICS #InfoSec #OTX #OpenThreatExchange #Opera #Safari #bot #AlienVault

Barto Nemo Kopeć | ♿ MS+ | 🏳️‍⚧️ (bartonemo@fedi.nemo.earth)
2026-03-10

What do you recommend for fetching an ICS calendar from a website? To show events in some way. I'm thinking about a general calendar, Nextcloud, Google, doesn't matter. Thanks!
#ics #icalendar #javascript #caldav #calendar

Offensive Sequence (offseq@infosec.exchange)
2026-03-10

🚩 CVE-2026-2364: HIGH severity TOCTOU flaw in CODESYS Installer (all versions) lets local attackers escalate privileges via user-initiated updates. Restrict access & monitor until patch. No active exploits yet. radar.offseq.com/threat/cve-20 #OffSeq #CODESYS #ICS #Vuln

High threat: CVE-2026-2364: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition in CODESYS CODESYS Installe
Offensive Sequence (offseq@infosec.exchange)
2026-03-09

🔔 CVE-2026-3630: CRITICAL stack-based buffer overflow in DeltaWW COMMGR2 (CVSS 9.8). Remote, unauthenticated RCE risk — no patch yet. Segment & restrict network access, monitor for exploits. More: radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability #OTsecurity

Critical threat: CVE-2026-3630: cwe-121 Stack-based Buffer Overflow in DeltaWW COMMGR2
Offensive Sequence (offseq@infosec.exchange)
2026-03-09

🚨 CRITICAL: CVE-2026-3823 exposes Atop EHG2408 switches to unauthenticated RCE via stack-based buffer overflow. No patch yet — segment, restrict access, and monitor traffic. Full device compromise risk. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vuln #OTSecurity

Critical threat: CVE-2026-3823: CWE-121 Stack-based buffer overflow in Atop Technologies EHG2408
2026-03-09

Unmasking an Attack Chain of MuddyWater

An intrusion attributed to MuddyWater, an Iranian-linked APT, was identified in a customer environment. The attack involved initial access through RDP, establishing an SSH tunnel, and deploying malware via DLL side-loading. The threat actor used FMAPP.exe, a legitimate Fortemedia Inc. application, to load a malicious FMAPP.dll for C2 communications. The timeline of activities revealed typos in commands, suggesting manual typing by the attacker. The intrusion included reconnaissance efforts, attempts to verify tunnel functionality, and issues with initial C2 communication. The attack targeted an Israeli company, aligning with known MuddyWater tactics.

Pulse ID: 69abf37dfd9bfab829c9913e
Pulse Link: otx.alienvault.com/pulse/69abf
Pulse Author: AlienVault
Created: 2026-03-07 09:44:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #ICS #InfoSec #Iran #Israel #Malware #MuddyWater #OTX #OpenThreatExchange #RDP #SSH #bot #AlienVault

2026-03-09

New A0Backdoor Linked to Teams Impersonation and Quick Assist Social Engineering

A new backdoor, dubbed A0Backdoor, has been discovered in connection with a campaign using email bombing and IT-support impersonation over Microsoft Teams to gain Quick Assist access. The malware's loader exhibits anti-sandbox evasion techniques, and the campaign's command-and-control has shifted to a covert DNS mail exchange-based channel. This activity is attributed to the threat group Blitz Brigantine, also known as Storm-1811 or STAC5777, and shows similarities to Black Basta-linked social-engineering tactics. The attackers use digitally signed MSI packages, often hosted on Microsoft cloud storage, to deliver their proprietary tooling. The A0Backdoor employs sophisticated techniques such as time-based execution windows, runtime decryption, and DNS tunneling for covert communication. The campaign has been active since August 2025, targeting primarily the finance and health sectors.

Pulse ID: 69abf37e75ba997149f9e95c
Pulse Link: otx.alienvault.com/pulse/69abf
Pulse Author: AlienVault
Created: 2026-03-07 09:44:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #BlackBasta #Cloud #CyberSecurity #DNS #Email #ICS #InfoSec #Malware #Microsoft #MicrosoftTeams #OTX #OpenThreatExchange #SocialEngineering #Windows #bot #AlienVault

Offensive Sequence (offseq@infosec.exchange)
2026-03-09

CRITICAL: CVE-2026-3823 in Atop EHG2408 switches — stack-based buffer overflow allows unauth'd remote code exec. No patch yet. Segment, monitor & restrict access ASAP! 🛡️ radar.offseq.com/threat/cve-20 #OffSeq #CVE20263823 #ICS #Vulnerability

Critical threat: CVE-2026-3823: CWE-121 Stack-based buffer overflow in Atop Technologies EHG2408
Offensive Sequence (offseq@infosec.exchange)
2026-03-09

🔴 CVE-2026-3630: CRITICAL stack-based buffer overflow in DeltaWW COMMGR2 (ver 0) enables unauthenticated RCE. No patch available. Segment networks, enable IDS/IPS, & monitor for exploitation. Details: radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vuln #CyberSecurity

Critical threat: CVE-2026-3630: cwe-121 Stack-based Buffer Overflow in DeltaWW COMMGR2
Offensive Sequence (offseq@infosec.exchange)
2026-03-07

🚨 CRITICAL: CVE-2026-2330 in SICK Lector85x lets remote, unauthenticated attackers modify device configs via the CROWN REST interface. Patch or restrict access now to prevent OT compromise. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability #Infosec

Critical threat: CVE-2026-2330: CWE-552 Files or Directories Accessible to External Parties in SICK AG SICK Lector85x
2026-03-06

South American telecommunication providers targeted with three new malware implants

UAT-9244, a China-nexus advanced persistent threat actor, has been targeting critical telecommunications infrastructure in South America since 2024. The group employs three new malware implants: TernDoor, a Windows-based backdoor variant of CrowDoor; PeerTime, an ELF-based backdoor using BitTorrent protocol; and BruteEntry, a brute force scanner for SSH, Postgres, and Tomcat servers. UAT-9244 uses dynamic-link library side-loading, scheduled tasks, and registry modifications for persistence. The group is closely associated with FamousSparrow and Tropic Trooper, sharing similar tooling and tactics. Their infrastructure includes multiple command and control servers and operational relay boxes for scanning and brute-forcing activities.

Pulse ID: 69a9e3f038f67d31461ec191
Pulse Link: otx.alienvault.com/pulse/69a9e
Pulse Author: AlienVault
Created: 2026-03-05 20:13:36

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #BruteForce #China #CyberSecurity #ELF #ICS #InfoSec #Malware #OTX #OpenThreatExchange #RAT #RCE #SSH #SouthAmerica #Telecom #Telecommunication #Tomcat #Windows #bot #AlienVault

Offensive Sequence (offseq@infosec.exchange)
2026-03-06

🔴 CRITICAL: CVE-2026-2331 in SICK Lector85x v2.6.0 allows unauthenticated HTTP access to sensitive files & Lua code execution. No patch yet — segment networks & restrict HTTP access. Monitor for abuse! radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vuln #OTSecurity

Critical threat: CVE-2026-2331: CWE-552 Files or Directories Accessible to External Parties in SICK AG SICK Lector85x
Blast From the Ads! (blastfromtheads)
2026-03-05

1918 International Correspondence Schools: Analog-Era Icon

International Correspondence Schools offers a path to professional advancement through home study, helping families like theirs build a brighter tomorrow. 📚💡

#1918

2026-03-05

Iranian APT Infrastructure in Focus: Mapping State-Aligned Clusters During Geopolitical Escalation

The analysis examines Iranian state-aligned threat actors and their infrastructure patterns during heightened geopolitical tensions. It focuses on mapping network infrastructure, ASN patterns, TLS fingerprints, and hosting clusters associated with various Iranian APT groups. The report highlights the importance of proactive infrastructure monitoring to detect and disrupt potential cyber operations. Key findings include the identification of previously unreported hosts, domains, and servers linked to Iranian operations, as well as insights into the tactics used by groups like MuddyWater and Dark Scepter. The article emphasizes the value of infrastructure intelligence in early threat detection and provides recommendations for organizations to monitor and defend against these threats.

Pulse ID: 69a88b31c4401f717710f864
Pulse Link: otx.alienvault.com/pulse/69a88
Pulse Author: AlienVault
Created: 2026-03-04 19:42:41

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #ICS #InfoSec #Iran #MuddyWater #OTX #OpenThreatExchange #RAT #TLS #bot #AlienVault

2026-03-04

Breaking Down the Role of Cyber Operations Taken in the Iran Crisis

The report analyzes the cyber aspects of the ongoing conflict between Iran, the US, and Israel. It details a massive cyberattack launched by the US and Israel against Iran, causing widespread internet disruptions and infrastructure failures. The report also covers the activation and retooling of Iranian APT groups for retaliatory operations, targeting critical infrastructure in the US, Israel, and allied countries. Key actors include MuddyWater, Charming Kitten, OilRig, and Elfin. The analysis covers tactics, techniques, and procedures used by these groups, as well as their strategic objectives. The report also discusses the involvement of hacktivist proxies and the victimology of the attacks, affecting multiple countries and industries.

Pulse ID: 69a8500da3cf3bc380d12303
Pulse Link: otx.alienvault.com/pulse/69a85
Pulse Author: AlienVault
Created: 2026-03-04 15:30:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberAttack #CyberSecurity #ELF #Hacktivist #ICS #InfoSec #Iran #Israel #MuddyWater #OTX #OilRig #OpenThreatExchange #RAT #bot #AlienVault

Client Info

Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst