Phishing attack against Wio

To be honest I didn't know this bank. Today Matrix identified these two threats and so I did a little research into who they are. It is a bank based in the United Arab Emirates. Looking at the wio.io website the first thing that struck me was that in the management section they don't have … Continue reading Phishing attack against Wio →

Intesa San Paolo phishing kit

A few hours ago Matrix identified a phishing kit targeting customers of the Italian bank Intesa San Paolo (intesasanpaolo[.]com). This site is hosted on cprapid[.]com, the full url is weblntesasanpaolo[.]35-180-129-166[.]cprapid[.]com. I just report it as malicious on urlscan.io. The kit code is a mess 😦 I don't think the low quality indicates attempts at evasion, … Continue reading Intesa San Paolo phishing kit →

Phishing campaign based on .best domains

A new tool launched in recent days has made it possible to quickly detect an attack based on various .best domains.Matrix had reported these domains on urlscan.io several hours ago. From the evidence gathered in recent minutes, it appears that the attack targeted customers of the US bank America First Credit Union. Below is the … Continue reading Phishing campaign based on .best domains →

1M in less than four months:)

After Twitter blocked my account I moved to Urlscan.io where Johannes welcomed and supported me very kindly. I was able to appreciate the platform and today we reached the milestone of one million submissions made. Thanks to the urlscan.io team for their work!

REALFLIGHT EVOLUTION on Lenovo ThinkCentre neo 30a

I think it's been about 30 years since I've installed a game on my computer. The last one I think was Gunship 2000 or something!Today, however, I installed this simulator for model aircraft. From the videos and comments it seemed like a well-made product and so I decided to buy it to learn how to … Continue reading REALFLIGHT EVOLUTION on Lenovo ThinkCentre neo 30a →

No more Twitter!!

After more than 400,000 tweets, the blue bird platform suspended my account for violating the counterfeit goods rules. I've decided to move the publishing of reports to urlscan.io. In the new release I made some changes to the publishing platform, the main one for users is that now sites that don't have a default page … Continue reading No more Twitter!! →

Update from Twitter account

November 2022 saw a new update of "The Smith Project" solution. This update makes it possible to identify a new type of malicious sites that spread malicious Android app and Windows executable. The increase in tweets from October to November was almost 100%. If compared with September the increase was more than 200% It's hard … Continue reading Update from Twitter account →

Infosec people that post IOCs on Twitter

See the live page here

GoodFATR

A Platform for Automated Threat Report Collection and IOC Extraction A few days ago I came across this project from the University of Madrid. Below is a summary and the entire document. Enjoy the reading 🙂 To adapt to a constantly evolving landscape of cyber threats, organizations actively need to collect Indicators of Compromise (IOCs), … Continue reading GoodFATR →

Our fight against fraud and abuse: an update

An interesting article by Namecheap that illustrates their commitment (and to a small extent mine too) in the fight against scams and abuses on the Internet.