Author Archives: Emin Baylarov

Threat Actors Targeting Airbnb Users with Phishing Scams for Fraud

During my daily monitoring, I uncovered a number of Airbnb phishing pages harvesting user account credentials. This got me thinking about the types of fraud targeting Airbnb users and the hosts. Airbnb is not a typical target for phishing, compared to the vast number of phishing pages targeting banks, HMRC, DVLA, and mobile carriers. However, it […]

Emotet Makes a Comeback

The infamous Emotet botnet has returned. In February 2020, the Emotet botnet, largely made up of compromised WordPress servers, ceased to send spam emails. This period of inactivity has now ended, with threat intelligence sources observing an even larger number of URLs and C&C servers than before. Emotet botnet activity resumed around 15-17 […]

Analysis of a recent Magecart campaign

On March 13, SanSec revealed a new Magecart domain used to host malicious JavaScript (.js) files designed to capture credit card details from e-commerce checkout pages. The domain (jquerycdn[.]at) hosted these scripts across at least 299 different victim stores. The Magento 1 e-commerce platform was the most frequently targeted, and it’s important to note that […]

Incredible APTs and Where to Discover Them

Sophisticated cyberattacks targeting some of the most secure networks globally have been carried out by Advanced Persistent Threat (APT) groups. Many of these groups operate on behalf of national intelligence agencies or military forces, while others may be private hacking groups hired for specific missions. An APT group is skilled at gaining access to a […]