Vangelis tix Stykas

@Sagaxyz__ I've send an email to both CEO and CTO. Is there a security email ?

@evstykas please dm.

"kids as a service" wardriving fleet was not on my 2026 bingo card. Children don't know. the parents don't know. the WiFi owners don't know. but the server knows...

@TurvSec I’ve spent (not wasted) thousands of hours on td and hero Defense and still play it from time t time. Especially X hero Defense

@evstykas Struggle to remember the names but this i do remember!

Anyone else play Tower Defence? God I miss those days.

@Gi7w0rm You did not answer though ...

An apparently Chinese Mobile Game heavily marketed in Europe casually asking me if I am a Government employee during a "What do you think about our game" survey...

@Gi7w0rm Oh…

To a specific threatactor out there: Don't attempt to rely on technology you do not understand yourself. I will annoy you now 😈

@L0Psec @malwrhunterteam Any C2s ? Asking for a friend...

More of these stealers shared by @malwrhunterteam :) XOR, system(), popen(), etc. Low detections on VT. Can be time consuming to decode. Both delivered via DMG and named Application\.app, which is weird. Also potentially interesting entitlements.

@TurvSec @hetmehtaa

@hetmehtaa There's some good ways to make money in infosec: ✅YouTube ad revenue ✅Infosec Twitter X revenue ✅Freelance Consulting ✅Building tools for donations ✅Paid speaking at cons/podcasts/whatever

What are the ways people make money in cybersecurity? Apart from bug bounty and courses.

This could’ve been a spreadsheet but i vibecoded a whole web app instead disclosures.kumio.ai 3 of them are solar clouds...

So I guess . "From url to APT wipe in less than 10 minutes!". YEAY ME!

3 minutes and a chatgpted script later we are as good as new! All deleted and clean!

APT you say ? Lets see what we can do in 10 or less minutes to an APT! Ready ? SET ! GO!

Iran: blocks the internet Someone: accidentally becomes the sole operator of their C2 infrastructure. FUCK..

@vxunderground Defcon 34 talk ?

Today ALPHV ransomware group (who swears they've never rebranded) informed me they've made a new ransomware group with a new and cool and badass name. I learned a few things. 1. ALPHV follows me on social media. They pay attention to my posts (including kitty cat pictures). 2. ALPHV informed me that they're no longer going to use TOR for ransomware leaks or negotiations because "the FBI can fuck it". Instead everything they do will be stored on the blockchain. Using the blockchain for malware, and malware accessories, isn't a new malware concept, however it is a relatively ... rare ... or more exotic TTP. If my memory serves me correctly (which it rarely does), the North Korean government has used cryptocurrency blockchains for malware delivery mechanisms and C2 persistence. They told me they'll be using ICP (Internet Computer Protocol) blockchain. I initially thought they meant "Insane Clown Posse" blockchain. For a brief moment in time I thought the Juggalos were getting involved in ransomware. I'm not a cryptocurrency nerd, but they said they use ICP blockchain because ICP can "run smartcontract on server". I have no idea what this means. What does all of this mean? I don't know. I've been out of the loop on cybercrime TMZ.