Will (@bushidotoken)'s Twitter Profile
Will

@bushidotoken

Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil

ID: 1252623560

Link: http://BushidoToken.net | Date: 08-03-2013 20:06:48

11,11K Tweet

31,31K Followers

3,3K Following


It’s messages like this from DFIR teams, in the trenches, helping victims recover from ransomware attacks, on the daily, that say my resource is “saving us loads of time” is what makes being a security researcher sooo fulfilling at times 🤘💯 #CTI #ThreatHunting


🇷🇺 Pavel Durov, CEO of Telegram, has been arrested in 🇫🇷 France for allowing criminal activity on Telegram. ➡️ Big implications here due to the Russian military’s reliance on Telegram for communications as well as its overall popular use in Russia. reuters.com/world/europe/t…


Great article and advice on UK 🇬🇧 legal and ethical guidelines around OSINT investigations 🕵🏻‍♂️🕵🏻‍♀️


Update on the ransomware attack during the 🇫🇷 Paris 2024 Olympics:
- It was the Brain Cipher group
- They also attacked the Indonesian national data center a few months ago
- They reportedly use the leaked LockBit 3.0 builder
theregister.com/2024/08/29/bra…


If you take the 14 #Bitcoin wallet addresses from the Br0k3r 🇮🇷 report by CISA & FBI and put them into Arkham, you can see that Br0k3r has been using Binance 🕵🏻‍♂️ cisa.gov/news-events/cy…


Created a VT collection of 9 likely Havoc C2s on BL Networks (AS399629/BLNWX) following the recent Operation Oxidový report by SEQRITE on a suspected 🇷🇺 #Russian #APT campaign targeting Czech officials with #NATO-themed lures
1. virustotal.com/gui/collection…
2. seqrite.com/blog/operation…


I'm excited to be speaking at the Infosecurity Magazine Online Summit on September 10th! Register for your free ticket and to access expert education sessions, hear from information security experts and join the discussion on the latest trends! invt.io/1txb1tdrmb7


And it seems that more cybercriminals from outside of Russia, are joining or using this global underground economy too from:
— Iran 🇮🇷 (Br0k3r, DarkBit)
— DPRK 🇰🇵 (H0lyGh0st, Maui, FakePenny)
— China 🇨🇳 (ChamelGang, Cinnamon Tempest)


New advisory on 🇷🇺 Cadet Blizzard (aka Ember Bear)
- FBI, NSA, and CISA assess Cadet Blizzard is GRU Unit 29155, consisting of junior active-duty GRU officers
- This is the group that infamously deployed WhisperGate against 🇺🇦 Ukraine, pre-war in Jan 2022
cisa.gov/news-events/cy…


It was interesting to me how it was called out that GRU Unit 29155 consists of “junior active-duty GRU officers” — tracking this group further shall, in theory, reveal the cyber warfare development pipeline for these GRU destructive teams