admin

Proxy Resilience and Reflexive Control As of late March 2026, Russia’s war in Ukraine has entered its fifth year as a brutal war of attrition. Moscow continues to make incremental territorial gains at enormous human and material cost, yet it is clear that the Russian military is far from the force that launched the full-scale … Read more

Ever thought of hosting a honeypot on your own VM or server image instead of just using a VPS like DigitalOcean, GCP, Azure, or AWS? Continue reading on OSINT Team »

Understanding the theory before analyzing real attack logs I’m learning about WMI persistence. This is not research. This is me documenting what I found while studying a technique that APT29 and 20+ other APT groups use. Part 2 will be different — actual lab testing, real Sysmon logs, detection methodology. This is just my notes. Why I’m Studying This I kept … Read more

Ransomware revenue was roughly $820 million in on-chain payments last year, according to Chainalysis. Down from the $1.25 billion record in 2023, but still one of the more reliable criminal revenue streams on the planet. Eighty-five extortion groups competed for that market in Q3 2025, per Checkpoint. Forty-seven of them claimed fewer than ten victims each. That … Read more

It Didn’t Look Dangerous at First Every SOC analyst knows this feeling.You’re watching dashboards.Logs are flowing.Nothing critical. Nothing red.Then you notice one IP address.It’s not triggering a high-severity alert.It’s not exploiting anything.It’s just persistent.50–100 requests per second.Not a spike.Sustained.That’s when instinct kicks in. Introduction:- When “Google LLC” Doesn’t Mean Safe In security operations, not every investigation starts with … Read more

Reverse Engineering a Banking Malware Hidden Inside an APK The Call That Started Everything It started with something that looked completely normal. A phone call. Someone claiming to be from SBI customer support informed the victim that their YONO SBI application needed an urgent update. The reason sounded serious enough to create panic. “If you don’t update your AADHAR … Read more

Your organization is drowning in data. Logs, alerts, threat feeds, dashboards. Continue reading on OSINT Team »

If you have been following this series, you know where we are. The first version was a command-line script. The second integrated everything into the full threat intelligence platform. The third pulled the channel monitor out into a standalone Flask app with a web UI, job history, and live log streaming. because many people just … Read more