You know you want to speak at Disobey 2026. And now is your chance to do that! Our CfP is open at: cfp.disobey.fi/disobey-2026/ Check the guidelines from the link and send your proposal by Sep 30th!

Tap in to the stream this week for some YARA fun, highlighting some crazy rules, how I think about learning yara (or anything) as a mid-career professional, and more!

Well, where else do you get fresh Yara rules? cc @stvemillertime.bsky.social @greg-l.bsky.social

Finally a new template for a phishing email. Sender IP: 45.138.48[.]158 Subject: Your email quarantine summary!!! URLscan: urlscan.io/result/01980... Phishing URL reported and blocked by Google Safe Browsing already.

@greg-l.bsky.social drops knowledge on TA406 (Konni) as North Korea shows new interest in Ukraine, likely to keep tabs on the progress of the war and Russia's ability to keep pace on the battlefield www.proofpoint.com/us/blog/thre...

Incidents impacting retailers – recommendations from the NCSC www.ncsc.gov.uk/blog-post/in...

amazing work from Palo Alto and Wired today on TraderTraitor (aka SlowPisces, UNK_MachoMan, UNC something or other, Jade Sleet) unit42.paloaltonetworks.com/slow-pisces-... www.wired.com/story/trader... and a minor line item, only one mention of the L word is a major success

Infosec must not remain silent while Trump goes after Chris Krebs: www.eff.org/deeplinks/20...

Aaaaand we have just released the #PIVOTcon25 #agenda Again You will find there crème de la crème of #CTI #ThreatIntel #ThreatReserch Top researchers tracking both APTs and cybercriminals using very clever and effective PIVOTs 😎💪 Link and thank you ⬇️1/2

February 2025 was a high-volume month on data leak and ransomware sites. Our system picked up and enriched 705 events, the highest ever. CL0p has been active posting victims from their December 2024 attack against vulnerable Cleo servers. Get the full picture with our subscription at eCrime.ch

Great job by police organisations around the globe to seize domains and arrest #ransomware operators of Phobos/#8BASE. www.khaosodenglish.com/news/2025/02...

A teen DOGE staffer recently given access to government systems worked at a startup known for hiring convicted hackers. Someone using a Telegram handle associated with him also solicited a cyberattack-for-hire service in 2022. All raising questions about his vetting. www.wired.com/story/edward...

Subscribing to WIRED should be mandatory for anyone who is concerned about what's happening and wants in-depth coverage from journalists who have been reporting on privacy, security, feds, and national security for years. Plus my besties @dell.bsky.social and @couts.bsky.social work there.

Interesting report from Twitter: "Another certificate was acquired by this company and used to sign a malicious kernel driver. The driver injects an IIS module into w3wp.exe, embedding JS into webpages that redirects to a Chinese adult site, tricking users into downloading a spyware-like app."

@benkoe.com Apple Intelligence seit heute in der Schweiz verfügbar?

This year, we worked swiftly to save legacy media sites Vice.com and MTVNews before decades worth of valuable journalism could be erased. These sites are now searchable on the Wayback Machine! Help us in saving these resources:: https://archive.org/donate/?origin=blsky-eoy2024

The Annual Report for the National Cyber Security Centre is out www.ncsc.gov.uk/collection/n... Threat assessment: www.ncsc.gov.uk/collection/n...

It’s complete! The script migrated 37.7 million archived posts, making them lightning-fast to search.

Well, I am doing it a different way now, as the import broke down after two weeks. And now it might actually work and is fast :-D

#PIVOTcon25 #CfP is open and you can submit your proposals till 7 FEB 2025 Remember - one track,30m - no recording/streaming/tweeting. U should feel comfy to share more - No TLP:WHITE - Original content only Let us guide u through with a little meme-thread #CTI #ThreatIntel 1/10

I have no words - and if you know me, that's super surprising! Thank you to the Australian Information Security Association (AISA) for the awards to Kids SecuriDay for Best STEM Promoter of the Year and Community Education Program of the Year!

Another 'major cyber incident' at a UK hospital, outpatients asked to stay away

Discovered bsky-follow-finder.theo.io to find more interesting people to follow here

Yara rule to match concatenated zip files. I like this one (biased) because of how we are able to avoid matching nested zip files. More info: x.com/threatinsigh... #yara github.com/EmergingThre...

Trying to migrate 34 million SQL rows to an OpenSearch system. Time remaining: 1364 hours. I am sure there must be a better way :-D