Looks like these were released minutes after Microsoft released Patch Tuesday... I don't know if this is trolling or genuine anger

Honestly if the account didn't release two working exploits before, I'd dismiss YellowKey Bitlocker bypass as an elaborate troll. Just read check the README github.com/Nightmare-Ec...

Babe wake up, new Windows privesc just dropped. #GreenPlasma. Oh and also Bitlocker bypass #YellowKey github.com/Nightmare-Ec...

Intellexa had a secret US partner with government ties that fed it Android and iOS exploits on a revenue sharing scheme 🫥 via @jurrevanbergen.nl www.antenna.gr/ereynes/arti...

Gordon Ramsey, technical writing, and the importance of people who care rachelandrew.co.uk/archives/202...

I'm not joking when I say mRNA technology is more important than "AI" and it's a tragedy we're throwing billions into one while our government is aggressively defunding the other.

Cisco Talos recently published an analysis of an EDR killer used by the #Qilin #ransomware gang. #ESETresearch tracks this threat as #CardSpaceKiller and we recently provided additional insights in our blog www.welivesecurity.com/en/eset-rese... 1/6

ESET Inspect killed the Axios compromise execution chain on Windows straight out-of-the-box. Renaming PowerShell is a terrible tradecraft if it was intended as EDR evasion. "Renamed PowerShell Execution [D0411]" is a simple yet solid EDR indicator.

#ESETresearch has identified a Silver Fox campaign that actively takes advantage of the current annual tax filing and organizational change season in Japan, a period when companies generate a high volume of legitimate financial and HRrelated comms. www.welivesecurity.com/en/business-... 1/8

This is a correct take. AI compliance is over hyped. It’s just a flavor of privacy compliance. Processes and people help mature compliance here.

Is your business thinking about going all-in on AI for cyber defense? Security experts have a warning: Don't do that. "If Claude wrote your YARA rules, they’re probably crap." My story from #RSAC: www.cybersecuritydive.com/news/ai-cybe...

Paying to market your company on an Incel Camino is *A Choice*. I didn't know anything about SecureOS before I saw this. Now I'm on a mission to ensure that doesn't change.

in the age of networked systems where major powers conduct conflicts either through proxies or at stand-off distances, expecting an adversary to abdicate a meaningful means of asymmetric cost imposition simply because of your morality is utterly, laughably naive. the message for defense: git gud.

#ESETresearch analyzed more than 80 EDR killers, seen across real-world intrusions, and used ESET telemetry to document how these tools operate, who uses them, and how they evolve beyond simple driver abuse. www.welivesecurity.com/en/eset-rese... 1/6

June 2023: a Google data center in France floods and they call it a “water intrusion event” February 2026: an Amazon data center in the Middle East is literally struck by a fucking ballistic missile in a hot war and they call it “impacted by objects” https://health.aws.amazon.com/health/status

Definitely a little bit of projection from Microsoft here 😂 www.microsoft.com/en-us/securi...

Microsoft Defender researchers observed attackers using yet another evasion approach to the ClickFix technique: Asking targets to run a command that executes a custom DNS lookup and parses the `Name:` response to receive the next-stage payload for execution.

I'm convinced AI is our generation's radium - a discovery with genuinely useful applications in specific, controlled circumstances that we stupidly put in everything from kid's toys to toothpaste until we realised the harm far too late where future generations will ask if we were out of our minds.

Breaking: Tragedy at the Winter Olympics

Russian GRU-linked cyber-espionage group APT28 is now using an Office zero-day disclosed last week for spear-phishing campaigns targeting Ukrainian targets, per a new Ukraine CERT report cert.gov.ua/article/6287...

#BREAKING #ESETresearch provides technical details on #DynoWiper, a data‑wiping malware used in a data‑destruction incident on December 29, 2025, affecting a company in Poland’s energy sector. www.welivesecurity.com/en/eset-rese... 1/5

Extensive report by CERT.PL on Poland’s energy grid incident. cert.pl/en/posts/202...

Release of ESET Protect Cloud 7.0 marks the beginning of big changes for our EDR cloud console. Advanced Search, the main feature being rolled out, allows you to search through indicators using Lucene. It's a more log-based approach enabling access to the underlying EDR and AV data.

Can we just tell all of the "Signal is an op" guys that all of the real high-opsec organizing is being done on some Telegram channel so they can all go there and cosplay at each other?

Looks like, it really is release day tomorrow.

#BREAKING #ESETresearch identified the wiper #DynoWiper used in an attempted disruptive cyberattack against the Polish energy sector on Dec 29, 2025. At this point, no successful disruption is known, but the malware’s design clearly indicates destructive intent. 1/5

Exclusive: A cyberattack targeting Poland's energy infrastructure in December used wiper malware that would have erased grid computers and rendered them inoperable had it not been thwarted, a researcher at @ESET told me. The researcher calls the attack "unprecedented" for Poland and "substantial"

Now you understand why every pro-Kremlin Twitter bot has spent 90% of its time over the past decade defending or pushing crypto and blockchain tech while randomly publishing some political tweet once in a while?

The data on more than 8,000 users of far-right dating site WhiteDate was scraped and leaked online after its administrators didn't secure their WordPress site properly cybernews.com/security/inv...

In 2025, #ESETresearch analyzed hundreds of hands-on-keyboard ransomware attacks, mostly hitting manufacturing, construction, retail, technology, and healthcare. Most of these were seen in the US (17%), Spain (5%), and France, Italy, and Canada (4% each). 1/5

I can remember two incidents that involved PRNI. In both, the information received helped to contain the incident before ransomware was deployed. Disturbing to see damage to a clearly useful and actually working initiative.

This is super good news: Docker Hardened Images are now available for free for all devs. These can form a much more secure baseline of your containerized apps.

Gotta say, I think Marcus makes an interesting point.

Why is Microsoft bundling Security Copilot licenses with E5? Clearly because they can't sell it as a standalone product. In other news, E5 costs will certainly go up "due to enhanced value." www.darkreading.com/cybersecurit...

bless the heart of whoever posted this and thought it sounded good, lol

I always thought MITRE Enterprise Evals were for security solutions like EDRs. Imagine my surprise seeing Cyberani MDR in the results. MDR is a service, right? Even Cyberani says it's "more than a service". Didn’t Managed Services used to have their own Evals? Did I dream that?

The only thing you really need to know about this year’s MITRE ATT&CK Evaluations is that it had the lowest number of participating vendors ever. Only 11 vendors took part. The APT3 evaluation back in 2018 had 12.

I've built a lot of systems around Elasticsearch and can tell you this Intellexa backend has really shit mapping just based on the screenshots. I'd be embarrassed to show this to the customer. securitylab.amnesty.org/latest/2025/...

#ESETresearch is heading to #AVAR2025? Dec 4, Thursday in Kuala Lumpur, 11:00–11:30 MYT. ESET researchers Anton Cherepanov & Peter Strýček present: "Sniffing Around: Unmasking the LongNosedGoblin operation in Southeast Asia and Japan”. 1/3

Things must be going really well for Cobalt Strike if they’re advertising on …checks notes… Reddit.

Anthropic's AI cyberespionage report feels as odd as the last one. Just 13 pages, it has none of the traditional components of a usual threat intel report (IoCs, payload hashes, etc.) and it seems to bury the lead re: technical sophistication. I wonder if a target will come forward. #infosec

This is spot on. Quantum’s gonna be the next cyber grift (again), after the bottom falls out of GenAI. www.linkedin.com/posts/nathan...

Short Answer: Fuck no. Long Answer: If a company tries AI phrenology in their hiring process, they're guaranteed to do worse things once you work there. Don't.

I'm glad that, until next year, I don't have to be aware of cybersecurity anymore.

LUCASARTS PRESENTS Columbo in: SCUMM of the Earth #pixelart

Saw some cool glowing rocks last week. My brain: These must be delicious.

Omg, the solution to CIA's Kryptos being discovered by someone becoming a subject matter expert, going on location, and finding the plaintext sitting in a vault several miles away is the absolute *perfect* ending to Kryptos. You couldn't write it. Just absolutely A+ www.nytimes.com/2025/10/16/s...