
kurt baumgartner

@kurtisj

cybersecurity researcher. I have many leather-bound books and my apartment smells of rich mahogany. thanks for all the xor

104 Followers · 109 Following · 64 Posts · Joined 02.05.2025

Latest posts by kurt baumgartner @kurtisj

Quoting Is Now on VT! on X: "Although none of the Coruna hashes mentioned by Google and iVerify are on @virustotal just yet, we uploaded a number of samples from live exploit kit harvesting, using the URLs from the @ValidinLLC blog and also samples shared by @matteyeux on GitHub. Here's a list of…"

x.com/Now_on_VT/st...

07.03.2026 03:41 👍 0 🔁 0 💬 0 📌 0

These ridiculous mega-projects like "datacenters in space" (doomed by thermodynamics) make a LOT more sense when you realize they're massive Ponzi schemes designed to transfer wealth from pension funds to VC's through "fee stacking."

It's the old Assets Under Management con. It should be illegal.

11.12.2025 09:29 👍 3048 🔁 1062 💬 63 📌 49

If you are a resident of California, the state now has a portal where you can demand deletion of your personal data from 500+ registered data brokers with a single request form, for free.

consumer.drop.privacy.ca.gov

02.01.2026 02:26 👍 11739 🔁 5191 💬 277 📌 362

MatrixLLC sanctioned "for their acquisition and distribution of cyber tools harmful to U.S. national security". it appears that they acquired eight stolen 0day and/or "tools" and sold to non-NATO

home.treasury.gov/news/press-r...

24.02.2026 21:38 👍 1 🔁 1 💬 0 📌 0

Russia charges Telegram founder Pavel Durov with facilitating terrorism as the Kremlin escalates its crackdown on the app — Meduza. Russia has opened a criminal investigation into Telegram founder Pavel Durov on charges of facilitating terrorist activity, according to articles published February 24 in the nation’s newspaper…

Russia has reportedly launched a criminal investigation into Telegram founder Pavel Durov, accusing him of enabling "terrorist activity." This follows months of "traffic degradation" and attempts to move the public to Max, a state-sponsored alternative. meduza.io/en/feature/2...

24.02.2026 06:26 👍 44 🔁 25 💬 3 📌 9

I don’t understand how people can say the billionaires are out of touch, this person has obviously studied humans.

21.02.2026 22:37 👍 34 🔁 3 💬 6 📌 0

you brought his search history to bluesky? you are the pam bondi of playground romance committee

15.02.2026 09:43 👍 1 🔁 0 💬 0 📌 0

Epstein is mentioned very often in the Trump files.

08.02.2026 08:02 👍 1423 🔁 260 💬 0 📌 0

AI found 12 of 12 OpenSSL zero-days (while curl cancelled its bug bounty) — LessWrong. This is a partial follow-up to AISLE discovered three new OpenSSL vulnerabilities from October 2025. …

Have we reached the stage of “many AIs make all bugs shallow”?
Great writeup on AI, open source, & bug bounties by @stanislavfort.bsky.social cofounder of AISLE.

“Mass adoption collapsed the median quality (“slop” killed bug bounty..) but.. raised the ceiling”

www.lesswrong.com/posts/7aJwgb...

30.01.2026 19:18 👍 12 🔁 4 💬 0 📌 0

ghidrav12 pyghidra problems?
pip/pip3, versioning, virtual environments?

unpopular opinion - python still sucks

30.01.2026 19:05 👍 0 🔁 0 💬 0 📌 0

if only they collected a royalty every time that thing showed up. or they could have charged per pew...

29.01.2026 15:48 👍 1 🔁 0 💬 0 📌 0

the related propublica link is here

www.propublica.org/article/the-...

26.01.2026 16:49 👍 3 🔁 3 💬 1 📌 0
Predator iOS Spyware: Undocumented Anti-Analysis Techniques Jamf Threat Labs reveals Predator spyware's sophisticated anti-analysis capabilities including error code taxonomy, crash monitoring and detection evasion.

www.jamf.com/blog/predato...

26.01.2026 04:23 👍 0 🔁 0 💬 0 📌 0

Cyberattack Targeting Poland’s Energy Grid Used a Wiper. A cyberattack that targeted power plants and other energy producers in Poland at the end of December used malware known as a “wiper” that was intended to erase computers and cause a power outage and o...

Exclusive: A cyberattack targeting Poland's energy infrastructure in December used wiper malware that would have erased grid computers and rendered them inoperable had it not been thwarted, a researcher at @ESET told me. The researcher calls the attack "unprecedented" for Poland and "substantial"

23.01.2026 16:33 👍 62 🔁 59 💬 2 📌 7

Google Pixel 'zero-click' exploit caused by AI, mysterious Poland grid attacks, China bans US cyb... (YouTube video by Three Buddy Problem)

great start with opsec tips...
1. don't upset the tail.
2. if you end up face to face, just ask for the time and DO NOT take a selfie with them. :)
3. oh yeah, and use google docs, at the appropriate time. no surprises.

youtu.be/pooCY4ZOYSM?...

17.01.2026 19:46 👍 0 🔁 0 💬 0 📌 0
DEF CON Radio from SomaFM Music for Hacking. The DEF CON Year-Round Channel.

Just a friendly reminder that the exemplary humans at @somafm keep #defconradio going all year long. Stream the vibe immaculate at somafm.com/defcon/.

#defcon #grooves

16.01.2026 23:54 👍 15 🔁 3 💬 0 📌 0

kevin still maintains the title for the best business card i received

13.01.2026 21:36 👍 0 🔁 0 💬 0 📌 0
Confessions to a data lake I’ve been building Confer: end-to-end encryption for AI chats. With Confer, your conversations are encrypted so that nobody else can see them. Confer can’t read them, train on them, or hand them over ...

Advertising is coming (to AI)

confer.to/blog/2025/12...

23.12.2025 18:38 👍 0 🔁 0 💬 0 📌 0

sorry, disagree. this person has certainly heard of the civil rights movement...

21.12.2025 16:55 👍 0 🔁 0 💬 0 📌 0
Looking Back at 2025's Cybersecurity Landscape: Key Trends to Watch in 2026 An intelligence analyst's perspective on the dominant cybersecurity trends of 2025, from AI-driven threats to supply chain vulnerabilities and the evolving APT landscape

Looking Back at 2025's Cybersecurity Landscape: Key Trends to Watch in 2026
tlpblack.net/blog/2025121...

18.12.2025 20:36 👍 2 🔁 2 💬 0 📌 0

Belarusian KGB put spyware on phones of detained journalist.

Growing list of cases where authoritarian regimes use detention to implant spyware on phones:

🦠 Belarus
🦠 Kenya
🦠 Serbia

And likely plenty more.

Important investigation & reminder that dictators don't always need zero-days.

17.12.2025 15:45 👍 55 🔁 36 💬 1 📌 0
The Anatomy of a React2Shell Compromise Analysis of React Server Components RCE vulnerability (CVE-2025-55182) exploitation leading to cryptojacking campaigns targeting Next.JS applications

React2Shell Exploitation in the Wild: CVE-2025-55182 Analysis

Full technical analysis on our blog:

tlpblack.net/blog/2025120...

09.12.2025 21:21 👍 1 🔁 0 💬 1 📌 0

i was cranked up on a cranberry sauce rage yesterday. there were no posters to warn us

28.11.2025 16:50 👍 0 🔁 0 💬 0 📌 0

Someone on Twitter writes: "Why are we normalizing $85-90 hoodies?" The attached photo shows a woman who looks exasperated.

Let me show you the difference between a $40 hoodie and a ~$100 hoodie. 🧵

12.11.2025 22:53 👍 2789 🔁 421 💬 65 📌 80
RE//verse 2026 Training - Advanced Linux Malware Reverse Engineering with Marion Marschalek This fast-paced 3-day training explores Linux internals and Linux binary analysis techniques, before jumping right in with common Linux malware. Work through advanced samples, Linux software protectio...

Squeeeee 🥳 I'll be teaching my Advanced Linux Malware Reverse Engineering class at RE//verse conference in 2026!! MORE Linux APT insides and peculiarities 😍🥰🤩 Pls share if you can 🙃
shop.binary.ninja/products/re-...

12.11.2025 18:59 👍 24 🔁 12 💬 0 📌 0

cool. aluminum can strip?

08.11.2025 00:43 👍 1 🔁 0 💬 1 📌 0
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files.

The spyware is delivered through malformed DNG image files exploiting CVE-2025-21042...

The exploit chain possibly involved zero-click delivery using maliciously crafted images, similar to recent exploit chains seen on iOS and Samsung Galaxy.

unit42.paloaltonetworks.com/landfall-is-...

07.11.2025 15:00 👍 1 🔁 1 💬 0 📌 0

Crossed wires: a case study of Iranian espionage and attribution | Proofpoint US. Proofpoint would like to thank Josh Miller for his initial research on UNK_SmudgedSerpent and contribution to this report. Key findings: Between June and August 2025,

New Iran drop from me tracking an attribution nightmare - UNK_SmudgedSerpent! A little Charming, a little Muddy, and a lot C5. Targeting policy experts with benign conversation starters, health-themed infra, OnlyOffice spoofs, and RMMs. Check out the full story www.proofpoint.com/us/blog/thre...

05.11.2025 13:37 👍 18 🔁 12 💬 2 📌 0

according to the liberation newspaper, documents dating back to a 2014 inspection by the French National Agency for the Security of Computer Systems reported a staggering detail: "the password of the louvre's video surveillance server was simply " louvre. "

the password to the louvre surveillance server was "louvre"

www.thesocialpost.it/2025/11/02/f...

03.11.2025 17:56 👍 11108 🔁 3020 💬 314 📌 1784

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody. A Ukrainian man indicted in 2012 for conspiring with a prolific hacking group to steal tens of millions of dollars from U.S. businesses was arrested in Italy and is now in custody in the United States...

another jabberzeus roundup!
krebsonsecurity.com/2025/11/alle...

03.11.2025 18:34 👍 2 🔁 0 💬 0 📌 0