OSINT collection playbooks updated with recent threats: Domino, PoshC2, Play, WhiteSnake, etc. 🦠

Each month, SEKOIA.IO updates the configuration of its collection playbooks to automatically gather Indicators of Compromise (IoCs) of new threats. Our collection playbooks aggregate, enrich and contextualise IoCs from community threat intelligence feeds (URLhaus, ThreatFox, and others) and from Hatching Triage sandbox analyses.

This time, we have added:

* New or recent information stealers: Atomic MacOS Stealer (aka AMOS), WhiteSnake (aka Gurcu);
* Android trojans: Chameleon, DAAM, FakeCalls, XploitSpy;
* Remote access trojans: Lime RAT, RomCom RAT, Rok RAT, Running RAT, Spark RAT, Vanilla RAT;
* And other malware families, including Domino backdoor, PoshC2, Play ransomware.

SEKOIA proactively monitors new malware advertised on underground forums or Telegram channels, as well as the threat groups operating them. If you want to know more about these malware families, read the associated malware object in the SEKOIA.IO Intelligence Center.