Great presentation from Jason Smart & Kris McConkey on one of the threat actors using Winnti malware, behind targeting of telcos, dissidents, academia (esp in HK), & govt. And who apparently keeps a very close eye on what’s said about them on social media 👀👋 #CyberThreat19

First piece of open-source reporting on China-based Bronze Butler in a while, but looks like they’re still going heavy on Japan

If you’re a girl interested in cyber security or if you know any who might be interested, the Cyber First Girls competition is an amazing opportunity! Registration has just opened for 2020 ⤵️

Super interesting showing how the leak of the unredacted UK-US trade documents was carried out like an information operation - no technical links to Russia tho; the connections include similar language mistakes and media sites used

An international law enforcement operation has exposed the world’s most harmful cyber crime group, Evil Corp. Maksim Yakubets has been indicted in the United States following unprecedented collaboration between the NCA, FBI, NCSC UK & U.S. Department of Justice. nationalcrimeagency.gov.uk/news/internati…

Surely the definition of asking to be caught

Expect all sorts of action against these events by GRU hackers. Especially since the last time they tried we didn’t even bother to blame them for it.

[Thread]1/ This one is about the fake news claiming that a sick boy on the floor of a hospital in leeds was staged by his mother. We know the story is real, Dr Yvette Oade, chief medical officer at Leeds even apologised bbc.com/news/uk-englan…

Threat intel summed up in GIFs

Listen in if you want to hear me try and explain what OSINT is...

cf87475a87cb2172e73ee6afa7eb6384 super interesting lure, 32-bit or 64-bit DLL payload we uniquely associate with #kimsuky. 1305506bc1777f82315412c9faf71b63 8bac633f24d21e9f88425e0d3fbaf5c5 C2 at happy-boy.pe[.]hu, hosted at 156.67.222[.]187 John go team🔥

#Kimsuky Dropper: cf87475a87cb2172e73ee6afa7eb6384 Payloads: 1305506bc1777f82315412c9faf71b63 8bac633f24d21e9f88425e0d3fbaf5c5 C2: happy-boy[.]pe[.]hu CC: The Banshee Queen👑

I’ve been tracking #kimsuky for a while. Excited to share Part 1 of a 2-part series - exploring how the threat actor’s campaigns are connected by infrastructure overlaps, consistent TTPs, and overall strategic objectives. pwc.co.uk/issues/cyber-s…

Check out PwC UK #ThreatIntel 2019 Year in Retrospect report, featuring analysis and commentary on the threats we observed last year! And, shoutout to my amazing team for their research, proud to have been able to contribute to this ⭐️

Covering everything from threats to mobile, to the cyber crime scene, to sabotage threat actors sowing chaos - check out the 2019: A Year in Retrospect report, written by me and The Banshee Queen👑 with help from the rest of the brilliant PwC #ThreatIntel team pwc.co.uk/issues/cyber-s…

So excited to share my newly finished website today! Thanks to @quazums for being a stellar dev (and reverser) and helping me make it amazing. Check out all things me at saffronsec.com

In the much awaited part 2, The Banshee Queen👑 shows infrastructure overlaps of clusters and consistency in overall mission objectives of NK-based Black Banshee/#Kimsuky pwc.co.uk/issues/cyber-s…

Check out my and Louise 's blog on how both misinformation and disinformation campaigns have exploited COVID-19 pwc.to/2WrvTph #cybersecurity

Over the last few months we've been posting about our research into #Wellmess with analysis on the malware, and the controller, this time around we've taken a look at the #Wellmail side of house. #threatintel pwc.co.uk/issues/cyber-s…

CFP closes on Friday, get your submissions in for what is going to be a brilliant conference