BIRTHDAY: Team Cymru's #IP2ASN whois service turns 20 today! 🎂 On 26 September 2003 Team Cymru launched whois.cymru.com; one of our most popular and longstanding community tools A tip in the attached Tweet for one of the many use cases:

Admiring both the technical content and graphical creativity of this piece 🫶🏻

Greetings to all five remaining Twitter users! It's been a while, but today we bring you a new BLOG POST. In the blog, which will probably end up being the first in a short series, we examine the #Octo #Coper Android malware family. Check it out 👀👇 team-cymru.com/post/coper-oct…

BLOG POST: Watch this space👀 for some fun content coming soon on #cybercrime topics. In the meantime, we've tried to take a different view of things... something we've been wanting to experiment with for a while. Internet weather reporting!🌤️☔️ team-cymru.com/post/team-cymr… #Outage

BLOG POST: A collaboration with Proofpoint taking a deep dive into #latrodectus. An emergent loader malware from the folks that brought you #IcedID. team-cymru.com/post/latrodect…

A new malware named Latrodectus has been identified by @Proofpoint threat researchers.🕷️ While Lacrodectus is similar in infrastructure to #IcedID, it has new, unique patterns in campaign IDs designating threat actor use in previous IcedID campaigns. Read the full blog written

🚨Largest ever operation against botnets hits dropper malware ecosystem. Operation Endgame, coordinated from Europol headquarters, has led to four arrests and the takedown of over 100 servers worldwide. More information in our press release⤵️ europol.europa.eu/media-press/ne…

We are proud to have been involved in #OperationEndgame. The "largest ever operation" against criminally operated #botnet families. Our analysts collaborated in mapping operational infrastructure with law enforcement & industry partners. 👨‍💻👩‍💻 🤝 👮‍♂️👮‍♀️ operation-endgame.com

BLOG POST: We've been investigating the #Quad7 7777 botnet for a while, we thought it was time to share some of our findings. Includes discovery of the linked 63256 botnet which targets #ASUS routers. team-cymru.com/post/botnet-77… h/t Gi7w0rm

Awesome blogpost from Team Cymru Threat Research! Regarding the #alogin botnet, we (at Sekoia.io) haven't seen it targeting Microsoft 365 accounts but more telnet / ssh services. [1/2]

BLOG POST: Stark insights into upstream 🚣 infrastructure behind the recent #FIN7 domain discoveries shared by the Silent Push Labs team. Featuring a guest appearance! team-cymru.com/post/fin7-the-… @HostingPq 🫡

BLOG POST: Another weather report, this time examining claims that the #Venezuelan presidential elections were disrupted by #CyberAttack Our findings: cloudy with a chance of #DDoS 🍝 team-cymru.com/post/insights-…

BLOG POST: We examine the use of virtual offices by cybercriminals, and the organizations that enable them, to create a facade of legitimacy for their malicious activities. team-cymru.com/post/how-virtu… #bulletproof #hosting #threatintel

BLOG POST: A write-up on some infrastructure we were tracking during 2024, connected to both #SmartApeSG and #NetSupportRAT activities. They do usually follow one another around but we've exposed direct links from a management and oversight perspective. team-cymru.com/post/tracing-t…

We're hosting a practitioners event 22 May in Washington DC. An afternoon of use cases and research presentations, followed by food and drinks at a local restaurant. DM if you are in the DMV area and would like to register your interest!