Recent searches

No recent searches

Search options

Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

8.8K
active users

fosstodon.org: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.2

#bianlian

0 posts0 participants0 posts today
Dissent Doe :cupofcoffee:<p>NEW: Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024:</p><p><a href="https://databreaches.net/2025/06/28/texas-centers-for-infectious-disease-associates-notifies-individuals-of-data-breach-in-2024/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/28/te</span><span class="invisible">xas-centers-for-infectious-disease-associates-notifies-individuals-of-data-breach-in-2024/</span></a></p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/thirdparty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thirdparty</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://infosec.exchange/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a></p>
Pyrzout :vm:<p>BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan – Source:thehackernews.com <a href="https://ciso2ciso.com/bianlian-and-ransomexx-exploit-sap-netweaver-flaw-to-deploy-pipemagic-trojan-sourcethehackernews-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/bianlian-and-ran</span><span class="invisible">somexx-exploit-sap-netweaver-flaw-to-deploy-pipemagic-trojan-sourcethehackernews-com/</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/TheHackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheHackerNews</span></a> <a href="https://social.skynetcloud.site/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a></p>
The Threat Codex<p>Shifting the sands of RansomHub’s EDRKillShifter<br><a href="https://infosec.exchange/tags/EDRKillShifter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EDRKillShifter</span></a> <a href="https://infosec.exchange/tags/MedusaRansomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MedusaRansomware</span></a> <a href="https://infosec.exchange/tags/PLAY" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PLAY</span></a> <a href="https://infosec.exchange/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a> <a href="https://infosec.exchange/tags/RansomHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RansomHub</span></a> <br><a href="https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">welivesecurity.com/en/eset-res</span><span class="invisible">earch/shifting-sands-ransomhub-edrkillshifter/</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Meridian Senior<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Saunders And Saunders<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Cmc Technology Group<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Sonrisas Dental Health<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
ESET Research<p><a href="https://infosec.exchange/tags/ESETresearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESETresearch</span></a> discovered previously unknown links between the <a href="https://infosec.exchange/tags/RansomHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RansomHub</span></a>, <a href="https://infosec.exchange/tags/Medusa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Medusa</span></a>, <a href="https://infosec.exchange/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a>, and <a href="https://infosec.exchange/tags/Play" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Play</span></a> ransomware gangs, and leveraged <a href="https://infosec.exchange/tags/EDRKillShifter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EDRKillShifter</span></a> to learn more about RansomHub’s affiliates. @SCrow357 <a href="https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">welivesecurity.com/en/eset-res</span><span class="invisible">earch/shifting-sands-ransomhub-edrkillshifter/</span></a> <br>RansomHub emerged in February 2024 and in just three months reached the top of the ransomware ladder, recruiting affiliates from disrupted <a href="https://infosec.exchange/tags/LockBit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LockBit</span></a> and <a href="https://infosec.exchange/tags/BlackCat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlackCat</span></a>. Since then, it dominated the ransomware world, showing similar growth as LockBit once did. <br>Previously linked to North Korea-aligned group <a href="https://infosec.exchange/tags/Andariel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Andariel</span></a>, Play strictly denies operating as <a href="https://infosec.exchange/tags/RaaS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaaS</span></a>. We found its members utilized RansomHub’s EDR killer EDRKillShifter, multiple times during their intrusions, meaning some members likely became RansomHub affiliates. <br>BianLian focuses on extortion-only attacks and does not publicly recruit new affiliates. Its access to EDRKillShifter suggests a similar approach as Play – having trusted members, who are not limited to working only with them.<br>Medusa, same as RansomHub, is a typical RaaS gang, actively recruiting new affiliates. Since it is common knowledge that affiliates of such RaaS groups often work for multiple operators, this connection is to be expected. <br>Our blogpost also emphasizes the growing threat of EDR killers. We observed an increase in the number of such tools, while the set of abused drivers remains quite small. Gangs such as RansomHub and <a href="https://infosec.exchange/tags/Embargo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Embargo</span></a> offer their killers as part of the affiliate program.<br>IoCs available on our GitHub: <a href="https://github.com/eset/malware-ioc/tree/master/ransomhub" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/eset/malware-ioc/tr</span><span class="invisible">ee/master/ransomhub</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Goshen Medical Center<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
RedPacket Security<p>[BIANLIAN] - Ransomware Victim: Allworx - <a href="https://www.redpacketsecurity.com/bianlian-ransomware-victim-allworx/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redpacketsecurity.com/bianlian</span><span class="invisible">-ransomware-victim-allworx/</span></a></p><p><a href="https://mastodon.social/tags/bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bianlian</span></a> <a href="https://mastodon.social/tags/dark_web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dark_web</span></a> <a href="https://mastodon.social/tags/data_breach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data_breach</span></a> <a href="https://mastodon.social/tags/OSINT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OSINT</span></a> <a href="https://mastodon.social/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://mastodon.social/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://mastodon.social/tags/tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tor</span></a></p>
RedPacket Security<p>[BIANLIAN] - Ransomware Victim: Minnesota Orthodontics - <a href="https://www.redpacketsecurity.com/bianlian-ransomware-victim-minnesota-orthodontics/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redpacketsecurity.com/bianlian</span><span class="invisible">-ransomware-victim-minnesota-orthodontics/</span></a></p><p><a href="https://mastodon.social/tags/bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bianlian</span></a> <a href="https://mastodon.social/tags/dark_web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dark_web</span></a> <a href="https://mastodon.social/tags/data_breach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data_breach</span></a> <a href="https://mastodon.social/tags/OSINT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OSINT</span></a> <a href="https://mastodon.social/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://mastodon.social/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://mastodon.social/tags/tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tor</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Island Realty<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Allworx<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
RansomLook<p>New post from <a href="https://social.circl.lu/tags/Bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bianlian</span></a> : Minnesota Orthodontics<br>More at : <a href="https://www.ransomlook.io/group/Bianlian" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ransomlook.io/group/Bianlian</span><span class="invisible"></span></a> <a href="https://social.circl.lu/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a></p>
Pyrzout :vm:<p>Ransomware threat mailed in letters to business owners <a href="https://www.malwarebytes.com/blog/news/2025/03/ransomware-threat-mailed-in-letters-to-business-owners" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">malwarebytes.com/blog/news/202</span><span class="invisible">5/03/ransomware-threat-mailed-in-letters-to-business-owners</span></a> <a href="https://social.skynetcloud.site/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://social.skynetcloud.site/tags/Business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Business</span></a> <a href="https://social.skynetcloud.site/tags/bianlian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bianlian</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/mail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mail</span></a> <a href="https://social.skynetcloud.site/tags/USPS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USPS</span></a></p>
RedPacket Security<p>BianLian Ransom Notes: New Extortion Tactics Target Organizations - <a href="https://www.redpacketsecurity.com/would-be-extortionists-send-bianlian-ransom-notes-in-the-mail/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redpacketsecurity.com/would-be</span><span class="invisible">-extortionists-send-bianlian-ransom-notes-in-the-mail/</span></a></p><p><a href="https://mastodon.social/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://mastodon.social/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://mastodon.social/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> <a href="https://mastodon.social/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a></p>
Dan :dumpster_fire:<p>Not every day you see snail mail paper extortion letters claiming to be <a href="https://infosec.exchange/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a> <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-03-04-group-likely-impersonating-BIanLian.md" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/PaloAltoNetworks/Un</span><span class="invisible">it42-timely-threat-intel/blob/main/2025-03-04-group-likely-impersonating-BIanLian.md</span></a></p>
Pyrzout :vm:<p>Scammers Mailing Ransom Letters While Posing as BianLian Ransomware – Source:hackread.com <a href="https://ciso2ciso.com/scammers-mailing-ransom-letters-while-posing-as-bianlian-ransomware-sourcehackread-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/scammers-mailing</span><span class="invisible">-ransom-letters-while-posing-as-bianlian-ransomware-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/ScamsandFraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScamsandFraud</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberCrime</span></a> <a href="https://social.skynetcloud.site/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a> <a href="https://social.skynetcloud.site/tags/Extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Extortion</span></a> <a href="https://social.skynetcloud.site/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/Ransom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransom</span></a> <a href="https://social.skynetcloud.site/tags/Fraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fraud</span></a></p>
Pyrzout :vm:<p>Scammers Mailing Ransom Letters While Posing as BianLian Ransomware <a href="https://hackread.com/scammers-mailing-ransom-letters-bianlian-ransomware/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/scammers-mailing-</span><span class="invisible">ransom-letters-bianlian-ransomware/</span></a> <a href="https://social.skynetcloud.site/tags/ScamsandFraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScamsandFraud</span></a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberCrime</span></a> <a href="https://social.skynetcloud.site/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a> <a href="https://social.skynetcloud.site/tags/Extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Extortion</span></a> <a href="https://social.skynetcloud.site/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a> <a href="https://social.skynetcloud.site/tags/Ransom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransom</span></a> <a href="https://social.skynetcloud.site/tags/Fraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fraud</span></a></p>
Hackread.com<p>New: Fake <a href="https://mstdn.social/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a> ransom letters are showing up in executives’ mailboxes! 📬 Scammers are ditching emails and going old-school to extort money. Don’t fall for it!</p><p>Read: <a href="https://hackread.com/scammers-mailing-ransom-letters-bianlian-ransomware/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/scammers-mailing-</span><span class="invisible">ransom-letters-bianlian-ransomware/</span></a></p><p><a href="https://mstdn.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mstdn.social/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a> <a href="https://mstdn.social/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a> <a href="https://mstdn.social/tags/Extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Extortion</span></a> <a href="https://mstdn.social/tags/Fraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fraud</span></a></p>
TrendingLive feeds
About