Kurt Baumgartner
15.6K posts

Kurt Baumgartner
@k_sec
ex-comrade. I have many leather-bound books and my apartment smells of rich mahogany. thanks for all the xor
Boulder, CO Joined August 2010
1.4K Following 7.2K Followers

RE tip of the day: To stop at the entry point of malware that will eventually be executed, insert \xEB\xFE (an infinite loop) bytes there. Then, attach to the corresponding process (consuming a lot of CPU) and restore the original bytes
#cybersecurity #malware #reverseengineering
Kurt Baumgartner retweeted

Two U.S. Nationals Sentenced for Facilitating Fraudulent Remote Information Technology Worker Scheme that Generated $5M in Revenue for the Democratic People’s Republic of Korea
“For years, the defendants enriched themselves by assisting North Korean actors in a fraudulent scheme to gain employment with U.S. companies,” said Assistant Attorney General for National Security John A. Eisenberg. “The ruse placed North Korean IT workers on the payrolls of unwitting U.S. companies and in U.S. computer systems, thereby harming our national security. NSD will hold accountable those who facilitate North Korea’s illicit revenue generation efforts.”
🔗: justice.gov/opa/pr/two-us-…


Kurt Baumgartner retweeted

BREAKING: You checked the weather this morning.
And you just told a surveillance company where you sleep.
Meet #Webloc, used by ICE, cops & foreign govs to track 500m+ phones.
No warrant required.
Our latest @citizenlab investigation + how to protect yourself 🧵/1


Kurt Baumgartner retweeted

The @FBI has identified cyber actors associated with Russian Intelligence Services targeting users of commercial messaging applications, including Signal.
The campaign targets individuals of high intelligence value, including current and former U.S. government officials, military personnel, political figures, and journalists.
Globally, this effort has resulted in unauthorized access to thousands of individual accounts. After gaining access, the actors can view messages and contact lists, send messages as the victim, and conduct additional phishing from a trusted identity.
It's important for you to be aware and take action - this vulnerability is not with the application - but you as the end user.
The FBI and CISA have released a joint PSA to help you identify this activity and protect your accounts: ic3.gov/PSA/2026/PSA26…
Kurt Baumgartner retweeted

Today the Danish Defence Intelligence Service attributed two cyberattacks to Russia. We strongly condemn these attacks against a Danish water utility and Danish websites during elections in DK. We call on Russia to cease these malicious cyber activities
fe-ddis.dk/globalassets/f…

this shaihulud-infected package has ~700k weekly downloads. what is the shell-exec package used for?
socket.dev/npm/package/sh…
Kurt Baumgartner retweeted

It’s been a while since I read a good blog post about WiFi hacking tricks. The hack does not necessarily have to be complex to work.
Aurélien Chalot@Defte_
Really great blogpost about bypassing client isolation on wifi networks (WPA till 2 and public) from Ben Knight pulsesecurity.co.nz/articles/bypas…
Kurt Baumgartner retweeted

On the pod, Dave Aitel reacts to a L3Harris Trenchant exec pleading guilty to selling exploits to Russian brokers @daveaitel
Kurt Baumgartner retweeted

We’re excited to announce that The Vertex Project (@vtxproject) is a sponsor of State of Statecraft 2025. Their generous support helps make our event possible.
The Vertex Project creates technology for analytical teams to provide intelligence-driven insights to decision makers.
Check out their website vertex.link to learn more and join us in thanking them for their support! 🙌
#what_is_sos #VertexProject #VertexSynapse


@sygnia_labs hey guys, awesome work. and, typo in your post? "This finding aligns with reporting by Google Cloud Threat Intelligence, which documented the use of CVE-2023-34048 by UNC3668 to exploit vCenter" <-- i think you mean 3886

Sygnia has uncovered #FireAnt — a China-nexus cyber espionage campaign targeting critical infrastructure.
The threat actor exploits VMware #ESXi, #vCenter, and network appliances with stealthy, multilayered attacks, showing ties to #UNC3886.
Read the full report and defense recommendations: bit.ly/4m3tJWi
Kurt Baumgartner retweeted

A Chinese cyberespionage actor was arrested in Italy over the holiday and faces extradition to the US. The crew he's connected to is pretty serious. reuters.com/world/china/it…

Kurt Baumgartner retweeted

🚨 GreyNoise has detected active exploitation of Silk Typhoon-linked CVEs in the past 24 hours. 90 threat IPs actively targeting. Full analysis: greynoise.io/blog/active-ex… #GreyNoise #Cybersecurity #SilkTyphoon


