Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC) InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

Administered by:

Server stats:

1.3K
active users

ioc.exchange: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Just Another Blue Teamer

The known as strikes again, this time targeting think tanks, academia, and media organizations with a social engineering. The goal? Stealing Google and subscription credentials of a news and analysis service that focuses on North Korea. Enjoy and Happy Hunting!

Link in the comments!

***This one is a little different. In this article, SentinelLabs mentioned ReconShark being used. Can you provide me with any TTPs that are associated with that ?***

TA0001 - Initial Access
T1566.002 - Phishing: Spearphishing Link
T1566.001 - Phishing: Spearphishing File

TA0002 - Execution
T1204.001 - User Execution: Malicious Link
T1204.002 - User Execution: Malicious File

TA0006 - Credential Access
T1056.003 - Input Capture: Web Portal Capture

ReconShark TTPs:
Here is your chance to shine! Let me know what TTPs are associated with this malware!

Initial Email (from source)
Malicious Google Docs site (from source)
#CyberSecurity#ITSecurity#InfoSec
Jun 06, 2023, 12:40 PM·Public·Web
4boosts·1favorite
ExploreLive feeds
About