Thank you @ecrime.ch for being #PIVOTcon26 Silver Sponsorπ₯³
Read more about: @ecrime.ch here: ecrime.ch
They detect extortion threats, stolen data, and brand exposure before attackers escalate - with verified intelligence.
Our sponsors: pivotcon.org/sponsors
screenshot of tweet saying "who the fuck is playing pokemon in antarctica" with a trade partner in antarctica
photo of me in antarctica playing my switch. adelie penguins are in the background
photo of me in antarctica playing my switch, with pokemon legends z-a. adelie penguins are in the background.
I've waited 3 years to make this post
#PIVOTcon2026 call for papers is open!
Remember, it's #PIVOTcon for a reason - your proposal should give insight into techniques and methodology, not just "what my favorite threat group did last summer". π
Bring on those proposals! #CFP
Our annual review is out covering technical highlights such as
- Engineering resilience against critical loss
- Passkeys
- The future of digital identity
- Post quantum crypt transition
- Our Initiate r&d program with industry
- Radical transparency in technology
.. and more
You know you want to speak at Disobey 2026. And now is your chance to do that!
Our CfP is open at: cfp.disobey.fi/disobey-2026/
Check the guidelines from the link and send your proposal by Sep 30th!
Tap in to the stream this week for some YARA fun, highlighting some crazy rules, how I think about learning yara (or anything) as a mid-career professional, and more!
I don't think it is, but nobody will stop you...
Well, where else do you get fresh Yara rules?
cc @stvemillertime.bsky.social @greg-l.bsky.social
Screenshot of email showing a fake email quarantine summary. Used as a social engineering lure to trick recipients into clicking links and entering their credentials on a phishing site.
Finally a new template for a phishing email.
Sender IP: 45.138.48[.]158
Subject: Your email quarantine summary!!!
URLscan: urlscan.io/result/01980...
Phishing URL reported and blocked by Google Safe Browsing already.
five times more
Which AI do you use for your messaging?
@greg-l.bsky.social drops knowledge on TA406 (Konni) as North Korea shows new interest in Ukraine, likely to keep tabs on the progress of the war and Russia's ability to keep pace on the battlefield www.proofpoint.com/us/blog/thre...
Incidents impacting retailers β recommendations from the NCSC
www.ncsc.gov.uk/blog-post/in...
amazing work from Palo Alto and Wired today on TraderTraitor (aka SlowPisces, UNK_MachoMan, UNC something or other, Jade Sleet)
unit42.paloaltonetworks.com/slow-pisces-...
www.wired.com/story/trader...
and a minor line item, only one mention of the L word is a major success
Infosec must not remain silent while Trump goes after Chris Krebs: www.eff.org/deeplinks/20...
Aaaaand we have just released the #PIVOTcon25 #agenda Again You will find there crΓ¨me de la crΓ¨me of #CTI #ThreatIntel #ThreatReserch Top researchers tracking both APTs and cybercriminals using very clever and effective PIVOTs ππͺ Link and thank you β¬οΈ1/2
Month by month comparison of observed events on data leak sites.
Overview for February 2025 on events, to countries, actors and sector.
Top 10 actors and top 10 countries impacted by ransomware and data leaks.
February 2025 was a high-volume month on data leak and ransomware sites. Our system picked up and enriched 705 events, the highest ever.
CL0p has been active posting victims from their December 2024 attack against vulnerable Cleo servers.
Get the full picture with our subscription at eCrime.ch
And now I need to figure out what is "Zone 1" in London :-D
I'll do the call without you and will repeatedly ask what you have to say π€£
"Greg? Greg? Guess he is not on"
Screenshot showing logos of police organisations involved in taking down/seizing the dark web site
Great job by police organisations around the globe to seize domains and arrest #ransomware operators of Phobos/#8BASE.
www.khaosodenglish.com/news/2025/02...
A teen DOGE staffer recently given access to government systems worked at a startup known for hiring convicted hackers. Someone using a Telegram handle associated with him also solicited a cyberattack-for-hire service in 2022. All raising questions about his vetting. www.wired.com/story/edward...
Subscribing to WIRED should be mandatory for anyone who is concerned about what's happening and wants in-depth coverage from journalists who have been reporting on privacy, security, feds, and national security for years. Plus my besties @dell.bsky.social and @couts.bsky.social work there.
auth is being worked on and new version should come next month
Interesting report from Twitter:
"Another certificate was acquired by this company and used to sign a malicious kernel driver. The driver injects an IIS module into w3wp.exe, embedding JS into webpages that redirects to a Chinese adult site, tricking users into downloading a spyware-like app."
Image generated by Apple "Image Playground" showing a cyclist in front of a mountain scenery.
Strange, dann bin ich einfach ein NachzΓΌgler :)
keine Ahnung, hatte heute einfach eine Meldung und konnte es aktivieren. Habe schon immer Englisch eingestellt.
@benkoe.com Apple Intelligence seit heute in der Schweiz verfΓΌgbar?
Wayback Machine capture of MTV News.
This year, we worked swiftly to save legacy media sites Vice.com and MTVNews before decades worth of valuable journalism could be erased. These sites are now searchable on the Wayback Machine!
Help us in saving these resources:: https://archive.org/donate/?origin=blsky-eoy2024
hey, leave us out of that
