🔥 New open-source #Suricata rules 🔥 rules.ptsecurity.com For over a year now I’ve been sharing interesting #malware findings in network traffic here! Today I want to share our project PT Rules🎉 (there are many rules written for the threats I indicated in my tweets below⬇️)

Nature is Amazing ☘️ Australonuphis or beach worm, you don't see it, but it sees you

Tomorrow (06/12), I and my colleague Aleksandr Badaev will be speak at the 27th Annual Cyber Security Conference #AVAR2024 (AVAR Asia) in Chennai, India 📍 It’s my 2nd international conference as a speaker (eng) 🤩 More details about our talk ⬇️ aavar.org/cybersecurity-…

Everywhere I’ve worked, the GraphQL API was slower than what it replaced.

🇷🇺Recently read an excellent article by Lontz on #LummaC that confirmed patterns I’d been tracking since last year. It was so actionable I used Silent Push to pivot on potential Lumma #Stealer panels (via their favicon) and built a useful VT query to hunt for their #C2 domains

linkedin.com/posts/denis-ku…

krebsonsecurity.com/2025/01/master…

medium.com/@s.lontzetidis…

Ted Codd theorized that tightly coupling storage to the query engine would make it easier for users to access data. Modern #NoSQL databases like MongoDB shatter that belief with robust query API's supporting Document data models. RDBMS was great when apps used data in rigid

PT SWARM expert Vladimir Vlasov found a critical flaw (CVE-2024-50337, CVSS 3.1 score of 9.8) in Chamilo—used by 40M+ e-learning & training accounts—that allowed remote code execution via SOAP. Patches are out after responsible disclosure. #cybersecurity

Hi! We've published an article about new attacks of #darkcaracal #APT on the LATAM region. There we discussed TTPs and the similarities between #bandook and #pocorat. global.ptsecurity.com/analytics/pt-e…

We analyzed the Crypters And Tools service—used by hackers to disguise malware. This CaaS tool has been linked to PhaseShifters, TA558 & Blind Eagle. Attackers hide malware in images & evade detection. Details: global.ptsecurity.com/analytics/pt-e…

Threat Hunting Introduction: Cobalt Strike rushter.com/blog/threat-hu…

⚡️ FreeIPA fixed critical CVE-2025-4404, discovered by our researcher Mikhail Sukhov! This vulnerability allows an authenticated attacker to escalate privileges from host to domain admin. 🔗 Advisory: freeipa.org/release-notes/…

🧠 Our researcher Sergey Tarasov discovered a vulnerability (CVE-2025-49689) in NTFS on MS Windows. The article dives into the exploitation path, file system internals, VHD format, and more. 🔗 Read the article: swarm.ptsecurity.com/buried-in-the-…

Today we released write up about vulnerability that I found and which was patched recently in NTFS.sys CVE-2025-49689. Enjoy! swarm.ptsecurity.com/buried-in-the-…

Sales team will kill me later. I've published Vulners GPT linked to the unlimited OEM API key.....Free for all. Including private exploit databases. Just want to see what will happen :) #chatgpt #exploit #vulners #cve #vulnerability chatgpt.com/g/g-686f5a77f3…

🚨 Ransomware Diaries: Volume 7 is here!!! The story of Yaroslav Vasinskyi, the REvil hacker behind the Kaseya attack. From encrypted cities to a Polish prison cell, this is the human side of state-enabled cybercrime. Read now ➡️ analyst1.com/ransomware-dia… #Ransomware #Cybercrime