We’re seeing unusual patterns of login attempts against our customers netscalers with the only thing in common the user-agent: CitrixReceiver/23.11.1.41…
We have recently identified another new persistent citrix netscaler credential stuffing attack against one of our customers using recently compromised…
We have recently identified a persistent credential stuffing attack against some of our customers. Credential stuffing is a cyberattack method in which…
Problem We manage a MISP instance which receives over 130,000 IOCs every day from multiple sources which we need to…
User names used by actor seen using VPNs with Canadian source IP addresses 10/05/2024. Replace targetDomain below with the domain…
Microsoft have an API to add IOCs to the threat intelligence module in sentinel which can you read about here.…
MISP MYSQL database growing too large and starting to get out of control? API calls getting slower and slower? Maybe…
If you receive a “An internal error has occured” error message when clicking on various menu functions in the MISP…
A threat activity cluster is a grouping of security alerts which are related to a unique or similar activity taking place in…
1. Initial Incident Late 2023, we observed several of our users , working in different locations with different email domains…
