[Securelist] A comprehensive report on common TTPs of modern ransomware groups came out! It contains technical details, attribution, and Sigma rules. Highly recommend reading it: securelist.com/modern-ransomw…

There's just one week left to apply to join our team this fall as a paid intern! Join us remotely to learn more about the intersection of cybersecurity and geopolitics, as well as project management and content development. atlanticcouncil.org/careers/intern…

Released a blog today on #Maui ransomware. No ransom notes and not connected with any RaaS provider. stairwell.com/news/threat-re…

🚨🚨 We are hiring a Deputy Director to help determine the direction of our research + carry out analysis and engagement on open source software, cloud and/or cyber safety. This position is housed in DC with the option for full-time remote work in the US. atlanticcouncil.org/job-opportunit…

New —> US officials say 1000s of North Koreans are landing jobs at tech firms overseas, offering a critical source of funding for DPRK weapons programs. I spoke to 1 crypto entrepreneur who, the FBI told him, had a North Korean on the payroll for months. cnn.com/2022/07/10/pol…

For scholars studying cybersecurity: Center for Peace and Security Studies (cPASS) and the Cyber Escalation Lab at UCSD announced a Call for Papers for a two-day workshop titled "Cyber Escalation in Conflict: Bridging Policy, Data, and Theory." For more information, please visit: cpass.ucsd.edu/cyber/index.ht…

"Bob Jervis made important contributions to research on cyber conflict because he knew that, although it was fought using new kinds of tools, it was still conflict" Honored to share reminiscences & contributions from Bob Saltzman Institute of War and Peace Studies tnsr.org/roundtable/rem…

Albania is severing diplomatic relations with Iran in response to the cyberattack that crippled government services in July. This is one of the strongest diplomatic responses to cyberattacks I've ever seen. For more on the attack and our attribution see: mandiant.com/resources/blog…

The world of Ransomware is full of surprises: LockBit allegedly paid out their first “bug bounty” to someone who highlighted decryption flaws in the LB3 ESXi variant. The flaw made it possible to bypass having to pay the ransom for a key

We had a lovely Columbia University Political Science cohort reunion yesterday after 2+ years. So good to see you all! Lily Yao Jenny Jun Norashiqin Toh @adamparkernyc Daniel Thomas Noah Zucker

🚨🚨 JOB ALERT 🚨🚨 The Atlantic Council's Cyber Statecraft is looking for an Associate Director to help drive the team's research agenda and carry out vigorous analysis and external engagement, focusing on the cybersecurity of digital systems. atlanticcouncil.org/job-opportunit…

The US Government is a step closer to recovering crypto ransom paid by a Kansas healthcare provider last year to suspected North Korean hackers. A judge ruled the govt can take control of the crypto accounts, hackers have 35 days to claim it (unlikely) or risk it being forfeited.

A small push towards bringing the broader pool of Security Studies and International Relations students towards Threat Intel with some confidence in analyzing malware! Tell your friends :)

Make sure to check out this cool virtual event taking place tonight put on by our friends Belfer Center on DPRK cyber operations. The event also features CSI fellow Jenny Jun! Find registration here: belfercenter.org/event/north-ko…

(Have I mentioned, perhaps, that I wrote a book on cryptocurrency tracing and how it's been used to bust one record-breaking cybercriminal operation after another for years and that it's coming out a week from tomorrow?) amazon.com/Tracers-Dark-G…

Today, Natalia Slavney and I published new research on the penetration of cellphones in North Korea. Using data from the 38 North Digital Atlas, we came up with a coverage map of the network based on over 1,000 identified base stations. (1/3) (map by Ryan Kleissler)

Such a mismatch: International relations theorists: ransomware is not much a natsec threat Reality: Over half of UK COBRA meetings are on ransomware. Not half of all *cyber* meetings, half of ALL therecord.media/ransomware-inc…

Tomorrow at 2PM ET, CSET Research Fellow Jenny Jun will testify before the House Foreign Affairs Indo-Pacific Subcommittee on North Korea's use of cyber attacks to fund its nuclear program. Tune in ⬇️ foreignaffairs.house.gov/hearing/illici…

"The focus should be on identifying especially vulnerable targets in specific situations, rather than trying to conduct a net assessment as to whether AI favors the cyber offense or defense writ large." Read Jenny Jun's latest for War on the Rocks. warontherocks.com/2024/04/how-wi…