.

This is one of the best takeways from #fast16 story. I cannot but agree more. This is so close to how I explain the journalists why fast16 hasn't been found until now. Kudos to Trey Darley. Checkout his full piece on Trusting Trust: propertools.be/fieldwork/fiel…

After 11 years of silence at Black Hat, I am delivering a speech today. In memory of a legendary APT Hunter, Mr Sergey Mineev, who passed away 40 days ago. If you cannot attend, here is the write-up: sentinelone.com/labs/fast16-my…

Sergey Mineev was the greatest APT hunter of all time. He sought no glory, he just loved the hunt. And his discoveries repeatedly redefined our collective knowledge of global cyberespionage.

Cybersecurity 2026 | The Year Ahead in AI, Adversaries, and Global Change: sentinelone.com/blog/cybersecu…

NEW: Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels sentinelone.com/labs/operation… Collab from @milenkowski and @luigi_martire94

Here's the decrypted, 2nd stage dex payload of the Android Monokle spyware from this amazing story below: 3613a76be3c6f0d7f6108920cbd4bcedc4c9a4c3607136a747f77f3c099f7322 - on @virustotal: virustotal.com/gui/file/49023…

The Global Surveillance Free-for-All in Mobile Ad Data: krebsonsecurity.com/2024/10/the-gl…

#SaveTheDate 🚨🚨🚨#PIVOTcon25 is coming: 7-9 May 2025 👀👀👀 Book your calendars to sit with us on the #yellowsofa and listen to the top threat intelligence research and analytical pivots 💪 #CTI #ThreatIntel New venue ⬇️ 🇪🇸 🏖️ 1/3

💔 This week's show is the full keynote day remarks from Juan Andres Guerrero-Saade at #LABScon24. In this talk, Juanito addresses the current state of threat intel, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disenfranchisement among professionals, the void in meaningful work, and the importance of reclaiming control and value in cybersecurity. @juanandres_gs @craiu LISTEN: securityconversations.com/episode/ep13-t…

🎉 #ENISA's Threat Landscape 2024 is now live! Based on the analysis of over 11,000 incidents, the report highlights the top cybersecurity threats and trends of the past year. 🔗Download the full report here: europa.eu/!FxYT9v #EnisaTL24

We @vtxproject have decided to make the Synapse Bootcamp training materials freely available for anyone to learn on their own! Let us know what you think! vertex.link/training/bootc…

Hackers the movie was released 29 years ago today! September 15th 1995. Hack the planet!

The time has come, and with it your reading material for the week. Phrack #71 is officially released ONLINE! Let us know what you think! phrack.org/issues/71/1.ht…

#FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks: sentinelone.com/labs/fin7-rebo…

Hacktivism or just cybercrime? NullBulge is using poisoning-the-well attacks to hit AI enthusiasts and game modders alongside big compenies like Disney, deploying ransomware, and claiming to rebel against AI. Great work by Jim Walter 👇

Previously on Dragon Ball Z, the Spanish media reported a 'hacker' was arrested via the Spanish Police working in conjunction with the United States Federal Bureau of Investigation. The individual arrested as a 22-year-old male from the United Kingdom. He was not immediately identified to the media by law enforcement. Today we received confirmation on this individuals identity and alleged crimes. For the safety and privacy of multiple parties involved (including the accused) we cannot divulge too much information. The individual arrested operated under the alias 'Tyler'. He is a sim swapper and is allegedly involved with the infamous Scattered Spider group. Most notably he is believed to be a key component of the MGM ransomware attack, and is believed to be associated with several other high profile ransomware attacks performed by Scattered Spider.

Yet another example of why the "APT vs Cyber Crime" debate is myopic, outmoded, and needs to be put out to pasture... 😅 microsoft.com/en-us/security…

NEW: Spyware maker pcTattletale says it's shuttered and is "out of business" after the recent data breach. pcTattletale founder Bryan Fleming said he no longer has access to the company’s AWS account, which was used to store terabytes of victim's data. techcrunch.com/2024/05/28/pct…

#XZ Utils #Backdoor | Threat Actor Planned To Inject Further Vulnerabilities: sentinelone.com/blog/xz-utils-…

After TheTruthSpy got hacked again, time to update the list of hacked stalkerware makers. -Retina-X (2x) -FlexiSpy -Mobistealth -Spy Master Pro -SpyHuman -Spyfone -Family Orbit -mSpy -Copy9 -Xnore -TheTruthSpy (3x) -KidsGuard -Xnspy -Support King -LetMeSpy -Spyhide -WebDetective