<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Threat-Intel on Riga</title><link>https://riga.sh/tags/threat-intel/</link><description>Recent content in Threat-Intel on Riga</description><generator>Hugo 0.125.0</generator><language>en-us</language><lastBuildDate>Fri, 12 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://riga.sh/tags/threat-intel/index.xml" rel="self" type="application/rss+xml"/><item><title>🥷 Threat Intel toolbox</title><link>https://riga.sh/toolbox/-threat-intel/</link><pubDate>Fri, 12 Jun 2026 00:00:00 +0000</pubDate><guid>https://riga.sh/toolbox/-threat-intel/</guid><description>I endorse nothing you&amp;rsquo;ll do with these tools, use them at your own risk.
Combining multiple sources while investigating is highly recommended. Remember, these tools are only there to help your investigation, the conclusion is up to you. This list is updated often, check the date above for the latest update.
Domain and IP Threat Intel Search by IP, domain, or network owner for real-time threat data
https://talosintelligence.com/ Website reputation checker</description></item><item><title>[CTI] NoName057(16) mapping</title><link>https://riga.sh/investigations/noname05716/</link><pubDate>Sun, 21 Jul 2024 00:00:00 +0000</pubDate><guid>https://riga.sh/investigations/noname05716/</guid><description>NoName057(16) is a pro-Russian hacking group that targets (by DoS/DDoS) multiple strategic organizations associated with countries supporting Ukraine in the ongoing war. They also rely on botnets (infected machines) to carry out large-scale attacks. They are very talkative on different platforms, sharing their assets and targets, so I&amp;rsquo;ll try to summarize all of this here.
NoName057(16) operates on two principal Telegram channels:
🇷🇺 https://t.me/noname0571
🇬🇧 https://t.me/noname05716eng
They mainly share news about their attacks: What makes NoName057(16) interesting is their community involvement, where anyone can download their DoS/DDoS tools, ask questions and broadly support their actions.</description></item><item><title>[CTI] Phish me if you can</title><link>https://riga.sh/investigations/government-phishing/</link><pubDate>Wed, 20 Dec 2023 00:00:00 +0000</pubDate><guid>https://riga.sh/investigations/government-phishing/</guid><description>Recently, I received quite an unusual phishing email.
At first, it looks like a typical delivery phishing, but it came from&amp;hellip; a government address!
It came from the doctor appointment service from the Serbian Ministry of Health:
This domain has no DMARC policy in place, meaning it could more easily be used to spread malicious emails.
The email is simply an image rendered by HTML, and links to 2 fraudulent files:</description></item></channel></rss>