Engineer | Investigator @meta, PhD in Applied Data Analytics x Criminology. #animalrights advocate. Founded @threatminer. Calisthenic hobbyist. Views are my own
Notable discovery from @DragosInc on a newly weaponized ICS capability referred to as "FrostyGoop" used in a real-world disruptive event leading to a power outage in Western Ukraine in January 2024. This finding is important for the global Energy sector relying on internet-accessible ENCO devices.
“The fact that it can interact with devices remotely means it doesn't necessarily need to be deployed to a target environment,” [Magpie] Graham says. “You may potentially never see it in the environment, only its effects.”
A remotely deployable capability in-the-wild combined with prevalent exposure of ENCO devices is likely to increase the risk profile of horizontal escalations in the event of cyber-misfires resulting from testing, refinement, mis-attribution of infrastructure, or misguided cyber attacks.
In January, Russia-linked hackers used a new form of malware to sabotage monitoring equipment in a heating utility in Lviv, Ukraine, turning off heat and hot water to 600 buildings for close to 48 hours in the midst of freezing winter temperatures. wired.com/story/russia-ukrai…
ShodanHQ is again offering a lifetime membership for a one-time 5 USD
(you have to log in with a free account to see the offer) @shodanhq account.shodan.io/billing/me…
Financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7) has come out of a long period of inactivity. The group was observed deploying the Clop ransomware in opportunistic attacks in April 2023, its first ransomware campaign since late 2021.
Orqa claims a 'greedy former contractor' secretly installed malicious code into the headset's firmware years ago. But the contractor claims it all boils down to a licensing dispute. pcmag.com/news/headset-maker…
Introducing VirusTotal Code Insight: empowering threat analysis with generative AI. This tool is based on Sec-PaLM (LLM) and helps explain the behavior of suspicious scripts. Code Insight is available now for all our users! More details by @bquintero: blog.virustotal.com/2023/04/…
Today VirusTotal announced that each sample uploaded will be accompanied by "Code Insight". Code Insight uses Sec-PaLM, one of the generative AI models by Google, to explain what the malicious binary is doing.
Code Insight is available to all users.
tl;dr "they took my job"
A recent leak of sensitive US intelligence documents, including some marked “Top Secret”, has caught the attention of the US Justice Department and Pentagon. But where and how did these documents appear online? Bellingcat investigates: bellingcat.com/news/2023/04/…
In response to the #3CXpocalypse / #3CX, a group of us have put together a self-service site to look up if you were potentially impacted. If you're connecting from an IP address that was flagged, the header will turn red.
checkmyoperator.com/
#GPT4 saved my dog's life.
After my dog got diagnosed with a tick-borne disease, the vet started her on the proper treatment, and despite a serious anemia, her condition seemed to be improving relatively well.
After a few days however, things took a turn for the worse 1/
The spoof was set up as a free trial Workplace account under the name “Instagram” and using the IG brand as its profile pic. We've locked the account for violating policies and are continuing to investigate. We'll provide further updates as warranted here: about.fb.com/news/2022/10/wh…
Update: A Threat Actor claims to have completely compromised Uber - they have posted screenshots of their AWS instance, HackerOne administration panel, and more.
They are openly taunting and mocking @Uber.