Method of infection: Water-holing
OSIRIS used a Social Engineering method called “water holing” to attack German IP addresses.
How does water holing attack work?
- The victim enters the infected website.
- The website checks if the target IP is German.
- If it’s a German IP – few evasion techniques are used to bypass EDR
- And then the virus connects to its command server through the Darknet
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
🕵️♂️ Free Threat Intel Feeds CISOs Secretly Rely On 🕵️♂️
Behind the scenes, most CISOs quietly tap into open-source threat intelligence feeds that rival paid platforms. Here are some that consistently deliver high value at zero cost:
1️⃣ Abuse.ch Feeds – Malware, ransomware, and botnet tracking (URLhaus, SSLBL, MalwareBazaar).
🔗 https://abuse.ch
2️⃣ AlienVault OTX – Community-driven IoCs with global sharing.
🔗 https://otx.alienvault.com
3️⃣ MISP Feeds – Indicators from the popular open-source threat sharing platform.
🔗 https://www.misp-project.org/feeds/
4️⃣ Cybercrime Tracker – C2 server tracking for malware families.
🔗 http://cybercrime-tracker.net
5️⃣ PhishTank – Verified phishing URLs submitted by the community.
🔗 https://phishtank.org
6️⃣ ThreatFox – IOC sharing platform focused on malware & threat actors.
🔗 https://threatfox.abuse.ch
7️⃣ Feodo Tracker – Botnet C2 feed with real-time updates.
🔗 https://feodotracker.abuse.ch
⚡These feeds fuel SOC alerts, enrich SIEM rules, and give CISOs a tactical edge without blowing the budget.
At AUMINT.io, we push this further – simulating how attackers test these same intel gaps against your employees through spear-phishing, vishing, and real-world deception. Because knowing about threats is one thing – training humans to resist them is the real defense.
🔗 Ready to test your human threat surface? Book a free demo
#ThreatIntelligence #CISO #CyberSecurity #AUMINT #FraudPrevention