Tag: tls certificates

3 Attack Reports | 0 Vulnerabilities

Attack reports

Checking all the Boxes: LapDogs, The New ORB in Town

SecurityScorecard's STRIKE team has uncovered a new China-Nexus Operational Relay Box (ORB) network called 'LapDogs', targeting primarily Linux-based SOHO devices globally. The network, active since September 2023, focuses on the United States and Southeast Asia, particularly Japan, South Korea, Ho…
orb
tls certificates
southeast asia
2025-06-26
shortleash
soho devices
CVE-2017-17663
Published: June 26, 2025
Linked vulnerabilities : CVE-2017-17663, CVE-2015-1548
Downloadable IOCs: 26

A Practical Guide to Uncovering Malicious Infrastructure With Hunt.io

This guide demonstrates how to use Hunt.io to investigate and track malicious infrastructure. Starting with a single suspicious IP address, the process involves analyzing hosting providers, domain information, open ports, HTTP responses, and TLS certificates. The investigation reveals connections t…
latrodectus
malicious infrastructure
osint
tls certificates
threat hunting
2025-03-25
latrodectus malware
sql queries
hunt.io
network scanning
cryptocurrency fraud
Published: March 25, 2025
Downloadable IOCs: 0

Suspected DPRK Phishing Campaign Targets Naver; Separate Apple Domain Spoofing Cluster Identified

Researchers discovered a potential North Korean phishing campaign targeting Naver, a major South Korean tech platform. The investigation revealed an exposed directory containing phishing pages designed to steal Naver user credentials. Separately, an infrastructure cluster was identified using domai…
phishing
apple
credential theft
dprk
infrastructure analysis
domain spoofing
2024-10-30
naver
tls certificates
Published: October 30, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports