Historical OSINT – International Institute For Counter-Terrorism Serving Malware – An Analysis

The International Institute For Counter-Terrorism is known to have served malicious software to its targeted user base back in 2013. In this post I’ll provide actionable intelligence behind the campaign and discuss in depth the tactics, techniques and procedures of the cybercriminals behind it. Sample malicious software client-side exploits serving chain: hxxp://ict.org.il/js/1.html Sample malicious MD5 known to

Exposing Modern Client-Side Exploits Serving Kits – An AV and Snort IDS MD5 List Compilation

Dear blog readers, it’s been a while since I last posted a quality update, and I’ve decided to share with everyone the results of a recent initiative where I aim to provide actionable threat intelligence on some of the key client-side exploits serving kits in terms of actual MD5s for the purpose of empowering AVs

Spamvertised ‘Confirmed Facebook Friend Request’ Themed Emails Serve Client-Side Exploits

A currently circulating malicious spam campaign entices users into thinking that they’ve received a legitimate ‘Friend Confirmation Request’ on Facebook. In reality though, the campaign attempts to exploit client-side vulnerabilities, CVE-2010-0188 in particular. Client-side exploits serving URL: hxxp://facebook.com.n.find-friends.lindoliveryct.net:80/news/facebook-onetime.php?dpheelxa=1l:30:1l:1g:1j&pkvby=h&rzuhhh=1h:33:1o:2v:32:1o:2v:1o:1j:1m&ycxlcvr=1f:1d:1f:1d:1f:1d:1f Detection rate for the malicious PDF: MD5: 39326c9a2572078c379eb6494dc326ab – detected by 3 out of 45 antivirus scanners

Unit-123.org E-shop Owner Information

Who is Dancho Danchev?


Focused on delivering daily batches of a personally produced, never-ending supply of high-quality, never before published or released, classified and sensitive Intelligence Deliverables.
