Samples of (VXUG) aka (DG) aka DEV-0586 (MSTIC) - the MBR Overwriter targeting Gov samples.vx-underground.org/APT (pass "infected")

The adoption of @signalapp is directly a result of Moxie’s long-term connections to anarchist communities and the sheer strength of the cryptographic model. Now that he is stepping down as CEO, what does this mean for the future of the app? We weigh in. itsgoingdown.org/signal-warnin

[:tw: tweets.newsbots.eu/IGD_News/st#bot]

CVE-2021-32648 (Score 6.4) - attacker can request an account password reset and then gain access to the account using a specially crafted request.
CVE Publish Date: 26.08.2021
OctoberCMS Patch Commit Date: 07.04.2021
Total disgrace


15 gov sites in Ukraine - all using OctoberCMS - have been defaced, incl Min of Foreign Affairs, Cabinet of Ministers, Min of Ed, Emergency Services, Treasury, Environmental Protection. Looks like the attackers used CVE-2021-32648 in all cases.

Considering the fact that miners would go unnoticed for several months and #Mirai worm itself is quiet enough... So this is not the end of #log4j
ioc.exchange/@gsc/107477757176

published a first worm sample that uses a to install Monero-miner.
Self-propagating -bot identified by security researcher 1ZRR4H@twitter.com
