x0rz
@x0rz.bsky.social
📤 1493
📥 211
📝 24
Cybersecurity & Threat Intelligence. Knowledge is power, France is bacon 🥓
reposted by
x0rz
Catalin Cimpanu
about 1 month ago
"A Russian citizen suspected of hacking IT systems of Polish companies was arrested in Krakow, Polish Interior Minister Marcin Kierwinski said on Thursday."
www.reuters.com/world/poland...
Poland arrests Russian suspected of hacking Polish companies
A Russian citizen suspected of hacking IT systems of Polish companies was arrested in Krakow, Polish Interior Minister Marcin Kierwinski said on Thursday.
https://www.reuters.com/world/poland-arrests-russian-suspected-hacking-polish-companies-2025-11-27/
0
13
5
reposted by
x0rz
Reuters
3 months ago
AI assistants make widespread errors about the news, new research shows
reut.rs/4qkIfvx
AI assistants make widespread errors about the news, new research shows
Leading AI assistants misrepresent news content in nearly half their responses, according to new research published on Wednesday by the European Broadcasting Union (EBU) and the BBC.
https://reut.rs/4qkIfvx
32
258
200
reposted by
x0rz
Joseph Menn
4 months ago
Taiwan having to defend itself against both China AND Russia would be a tall order.
www.washingtonpost.com/world/2025/0...
Russia is helping prepare China to attack Taiwan, documents suggest
Russia is using its battlefield experience to give Chinese airborne units the training and technical knowhow to carry out lightning-fast operations.
https://www.washingtonpost.com/world/2025/09/26/russia-china-weapons-sales-air-assault/
1
8
8
reposted by
x0rz
Taggart
4 months ago
Dubai chocolate is a psyop
1
5
2
reposted by
x0rz
Eugenio Benincasa
6 months ago
1/ China’s cyber capabilities didn’t start top-down, they started with raw hacking talent. The new CSS/ETH report "Before Vegas" traces how informal talent shaped China’s cyber ecosystem, moving from online forums to industry leaders (link in thread).
1
15
8
reposted by
x0rz
Kristian Kiehling
7 months ago
2/2 Russia at will. Although he claims to be apolitical, he denies responsibility for the crimes that are enabled by his platform. He loves to dish out advice to Western politicians, but hates paying taxes and prefers to live in a dictatorship. In short, he embodies the stereotypical Russian.
Telegram, the FSB, and the Man in the Middle
The technical infrastructure that underpins Telegram is controlled by a man whose companies have collaborated with Russian intelligence services. An investigation by IStories
https://istories.media/en/stories/2025/06/10/telegram-fsb/
1
17
6
reposted by
x0rz
Kim Zetter
9 months ago
Following long practice of US gov indicting Chinese/Russian state hackers for breaching US systems, China has named and issued warrants for 3 NSA workers it says were behind hacks of China systems during Asian Winter Games. Also says University of California and Virginia Tech participated in attacks
China accuses US of launching 'advanced' cyberattacks, names alleged NSA agents
Chinese police in the northeastern city of Harbin have accused the United States National Security Agency (NSA) of launching "advanced" cyberattacks during the Asian Winter Games in February, targeting essential industries.
https://www.reuters.com/technology/cybersecurity/chinas-harbin-says-us-launched-advanced-cyber-attacks-winter-games-2025-04-15/
1
19
9
reposted by
x0rz
Catalin Cimpanu
10 months ago
ESET disputes Microsoft's classification of the FamousSparrow APT as part of the Salt Typhoon group. ESET believes the two APTs may be using a shared digital quartermaster (malware and tools developer).
www.welivesecurity.com/en/eset-rese...
You will always remember this as the day you finally caught FamousSparrow
ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor.
https://www.welivesecurity.com/en/eset-research/you-will-always-remember-this-as-the-day-you-finally-caught-famoussparrow/
1
6
5
reposted by
x0rz
Coach Finstock
10 months ago
When the answer to "are you cheating on me?" is "who told you that?" and not "no"
66
2197
401
@hpiedcoq.bsky.social
🇷🇺👀
10 months ago
1
3
0
reposted by
x0rz
Lisa Reyna Loe
10 months ago
Extraordinary comment from Tory MP Graham Stuart: “We have to consider the possibility that President Trump is a Russian asset. If so, Trump's acquisition is the crowning achievement of Putin's FSB career.” (Narrator: It’s extraordinary because our own gd government didn’t say it first.)
126
2661
1049
reposted by
x0rz
John Scott-Railton
12 months ago
It shouldn’t take a panic over Chinese AI to remind people that most companies in the business set the terms for how they use your private data. And when you use their AI apps, you’re doing work for them, not the other way round.
3
75
19
reposted by
x0rz
Deirdre Connolly¹ ²
12 months ago
being able to walk away from the internet, even via laptops was nice
0
8
3
reposted by
x0rz
Katie Martin
12 months ago
Ah yes. We're at the 'pUt It On ThE bLoCkChAiN' stage.
27
293
48
reposted by
x0rz
The Register
12 months ago
It's like Ivanti. Every month is zero-day awareness month.
0
2
1
I can never fully know if I already read this "Fortinet 0day in the wild" article 3 weeks ago or if it’s new. Ha, never mind! It’s new 🥲
12 months ago
3
17
8
reposted by
x0rz
Sean Lyngaas
12 months ago
LeMonde investigation finds that members of a French nuclear-armed submarine crew inadvertently shared sensitive information about the patrol schedule of the ship via the Strava workout app:
www.lemonde.fr/videos/artic...
StravaLeaks: patrol dates of French nuclear submarines revealed by the carelessness of crew members
Crew members of French submarines armed with atomic weapons publicly share their sports activities through the Strava app, thereby inadvertently disclosing ...
https://www.lemonde.fr/videos/article/2025/01/13/stravaleaks-des-dates-de-patrouilles-des-sous-marins-nucleaires-francais-devoilees-par-l-imprudence-de-membres-d-equipage_6495762_1669088.html
2
26
22
reposted by
x0rz
vx-underground (automated mirror)
about 1 year ago
We're witnessing the evolution of ransomware. Yesterday someone informed us of the existence of the new TTP of AWS S3 extortion. More specifically, Threat Actors abusing the Amazon Key Management Service (KMS) to encrypt company AWS buckets (or any cloud provider).
8
88
34
reposted by
x0rz
hakan
about 1 year ago
incredibly detailed piece on Salt and Volt Typhoon (apparently named as if they're brothers) "a cybersecurity vendor notices the activity and flags it to the port's cybersecurity chief, who examines it and decides it's a false alarm. He heads to lunch at Whataburger."
www.wsj.com/tech/cyberse...
How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons
Massive “Typhoon” cyberattacks on U.S. infrastructure and telecoms sought to lay the groundwork for potential conflict with Beijing, as intruders gathered data and got in position to impede response a...
https://www.wsj.com/tech/cybersecurity/typhoon-china-hackers-military-weapons-97d4ef95
1
27
8
reposted by
x0rz
John Scott-Railton
about 1 year ago
BREAKING: court finds NSO Group liable for #Pegasus hacking of #WhatsApp users. Big win for spyware victims. Big loss for NSO. Bad time to be a spyware company. Landmark case. Huge implications. 1/ 🧵
12
653
351
reposted by
x0rz
Max Smeets
about 1 year ago
This aspect of restructuring authority between NSA and USCYBERCOM in light of a dual-hat split is one I hadn’t considered before:
1
9
4
reposted by
x0rz
Ciaran Martin
about 1 year ago
I don’t normally get worked up about the naming threat actors thing. But the Volt & Salt Typhoon is a disaster as it’s so hard for non-specialists to tell them apart: - Salt is Snowden style espionage by China against US - Volt is a direct 🇨🇳 military threat to degrade western infrastructure 1/2
7
131
45
reposted by
x0rz
Catalin Cimpanu
about 1 year ago
The US Treasury has sanctioned Sichuan Silence, the Chinese company that developed exploits against Sophos firewalls
home.treasury.gov/news/press-r...
1
18
11
Why the f*ck is my Windows trying to reach browser.events.data.msn[.]cn
about 1 year ago
1
4
0
reposted by
x0rz
Nicolas Grégoire
about 1 year ago
"The networks are still compromised, and booting the hackers out could involve physically replacing “literally thousands and thousands and thousands of pieces of equipment across the country,” specifically outdated routers and switches" 🕵️‍♂️
Top senator calls Salt Typhoon ‘worst telecom hack in our nation’s history’
The severity of the Chinese breach highlights the need for more telecommunications regulation, lawmakers say.
https://www.washingtonpost.com/national-security/2024/11/21/salt-typhoon-china-hack-telecom/
1
46
40
More people should use QubesOS
about 1 year ago
3
3
0
reposted by
x0rz
hakan
about 1 year ago
Seems kind of important that Bruno Kahl, head of German foreign intelligence, said that it's his assessment that Russia by the end of this decade will be in a position to initiate an attack against NATO
www.spiegel.de/politik/bnd-...
BND chief warns of Putin's conventional and hybrid warfare
The Kremlin will try to influence the Bundestag election. BND chief Bruno Kahl assumes so. And his agents come to the conclusion: Russia will probably, at the end of the twenties, be in the ...
https://www.spiegel.de/politik/bnd-chef-warnt-vor-putins-konventioneller-und-hybrider-kriegsfuehrung-a-63024d92-a241-4aca-9864-19b9606f4557?utm_source=dlvr.it&utm_medium=bluesky#ref=rss
4
34
14
It’s a matter of time, Chinese media/bots will eventually target this platform as well.
about 1 year ago
0
12
4
reposted by
x0rz
Winnona
about 1 year ago
CTI is the cause of my brainrot but I really cooked on this
#salttyphoon
#telecomhack
5
49
21
reposted by
x0rz
Taggart
about 1 year ago
Firefox, Thunderbird, Tor Browser RCE:
www.welivesecurity.c...
RomCom exploits Firefox and Windows zero days in the wild
ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit.
https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
0
8
8
reposted by
x0rz
Gabriel Thierry
about 1 year ago
Hello, welcome to this live-skeet of the trial of Florent Curtet, the thirty-something prosecuted for digital extortion, who is being tried at the end of this month in Paris by the judicial court.
6
51
32
reposted by
x0rz
Sean Gallagher
about 1 year ago
👏IF YOU HAVE A VPN APPLIANCE 👏ON YOUR NETWORK AND 👏YOU DON'T HAVE 2FA OR OTHER VERIFICATION 👏JUST USERNAME/PASSWORD CREDS 👏YOU HAVE AN OPEN DOOR TO YOUR NETWORK 👏YOU ARE GOING TO GET RANSOMWARED
6
98
33
Just got a TLS certificate error on bsky.app for a while. Showing the cert for ism[.]bible. The fuck?
about 1 year ago
0
3
0
reposted by
x0rz
Horkos
about 1 year ago
Nearest Neighbor? Espionage.
www.wired.com/story/russia...
Salt Typhoon? Espionage.
wapo.st/3CHK3dQ
GRU’s use of Moobot? Espionage.
www.justice.gov/opa/pr/justi...
MSS hack of MSFT? Espionage.
www.cisa.gov/sites/defaul...
SolarWinds? Espionage.
www.lawfaremedia.org/article/sanc...
0
24
7
Why is it *ALWAYS* UTC+8 👀🇨🇳
about 1 year ago
0
3
0
reposted by
x0rz
Taggart
about 1 year ago
This is your reminder that DMs here are _not encrypted_. They're not even really part of ATProto. It's on the roadmap, but that's not the case now. DMs are centralized and unencrypted. Behave accordingly.
5
63
29
reposted by
x0rz
Horkos
about 1 year ago
Close access technical operations are never going away; there’ll always be at least edge cases requiring physical proximity to target. But given the risks involved, pursuing remote means to achieve “close”-style tactics is likely a trend that has been ongoing but only just now coming into the light.
1
28
4
reposted by
x0rz
Andy Greenberg
about 1 year ago
Russian spies—likely Russia's GRU intelligence agency—used a new trick to hack a victim in Washington, DC: They remotely infected another network in a building across the street, hijacked a laptop there, then breached the target organization via its Wifi.
www.wired.com/story/russia...
Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack
In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/
12
580
375
reposted by
x0rz
Melissa K. Griffith
about 1 year ago
The “messy middle between war and peace is not the only grey zone that hackers are exploiting. They are also straddling the line between “crime and statecraft” and the distinction between “espionage and attacks”." Read my latest piece in Articles of War below.
Hybrid Threats and Grey Zone Conflict Symposium – Cyber Operations are Thriving in the Grey - Lieber Institute West Point
Cyber operations are thriving in a series of grey zones, widening the aperture of what is possible short of war.
https://lieber.westpoint.edu/cyber-operations-thriving-grey/
1
3
3
Bluesky be like
about 1 year ago
0
5
0
reposted by
x0rz
Steve YARA Synapse Miller
about 1 year ago
Much like the conservation of mass-energy, the "detection evasion paradox" suggests that detection surface area cannot be created nor destroyed, only transformed or transferred to another form. Every attempt to hide generates a new signal.
0
15
3
reposted by
x0rz
DPRK CERT
about 1 year ago
We are excited to announce #Trump has nominated our very own Park Jin Hyok as director of the #FBI.
0
59
18
The X social network is being weaponized by both its CEO and Russia. It’s more of a botnet now. Sad world.
about 1 year ago
0
6
0
Oopsec
about 1 year ago
0
4
0
reposted by
x0rz
lcamtuf
about 1 year ago
Vulnerability names: this is log4shell. We named it this way because it's in log4j and gives you shell. Threat actor names: this is HAIRY EEL, aka VIOLIN HIPPO, no relation to VEXING MACKEREL. Also known as APT-74, formerly APT-C-92. We named it this way because he's a guy in Bulgaria
3
110
34
reposted by
x0rz
Sam Sabin
about 1 year ago
CrowdStrike has identified a new China hacking group that's been targeting telecom networks since at least 2020. The group has primarily targeted networks in SE Asia and Africa — but it also has the ability to use their access to breach other networks.
www.axios.com/2024/11/19/c...
Exclusive: CrowdStrike finds that yet another China-linked hacking group is targeting telecom networks
The discovery comes as the U.S. responds to a sprawling China hack of officials' phones.
https://www.axios.com/2024/11/19/china-liminal-panda-telecom-breaches
2
28
21
reposted by
x0rz
Intel Night OWL 🦉🇺🇸
about 1 year ago
The two submarine cables that are cut:
#CLion1 - between #Finland and #Germany
#BSC - between #Sweden and #Lithuania
yle.fi/a/74-20125395
Thank you @henrikytonen.bsky.social for the correction of the second cable name!
Companies tell Yle: data cable running from Lithuania to Sweden has suffered physical damage
Yle reports the latest information on the topic in this article.
https://yle.fi/a/74-20125395
4
92
47
reposted by
x0rz
Ryan Castellucci 🜬
about 1 year ago
Oh, I never posted my gotofail story on here. Early 2014, someone came to me about a catastrophic vulnerability in Apple's TLS implementation. I shit you not, they'd overheard someone at a bar drunkenly bragging about how they were going to sell it to a FVEY intelligence agency for six figures.
7
459
121