Koen Van Impe ☕
@cudeso
Followers 4K · Following 1K · Media 1K · Statuses 11K
Freelancer. CSIRT. Incident Response. Threat Intelligence. Security, IDS, Linux, OpenBSD, Honeypots, Jazz, Literature, Modern Art. https://t.co/D9bkiv10Sy
Europe / Belgium / Brugge
Joined January 2008
Belgrade tonight: It looks like the Serbian people have had enough of Kremlin puppet Vučić. https://t.co/VlyPgkXE3A
Public Advisory 🚨: The National Security Operations Centre warns the public about a Chinese cyber-espionage group exploiting vulnerabilities in outdated Juniper routers, urging users to upgrade hardware, apply patches, and tighten access controls. #NetworkSecurity #NSOC
I created a small parser for Minimedusa (the MegaMedusa configuration, an L7 DDoS tool). It uses @teamcymru Whois, @circl_lu Passive DNS service and an RDNS lookup for enrichment. There's also a MISP JSON to import the feed in @MISPProject
https://t.co/239uhpYkf3
Did you know that since v3.0.0 of misp-modules and v3.0.1 of misp-docker/misp-modules it is possible to load custom misp-modules without building your own image? Just drop them in the corresponding /custom/ directory. https://t.co/xlRr5kat9R
https://t.co/5ID9j5Ppg4
New publication by ANSSI: "Cyber Threat Overview 2024". CERTFR-2025-CTI-004 https://t.co/AVtMwhLDJe
Clever technique by UNC5792. Abusing the Signal “Linked Devices” feature, by replacing the code for an invite to a group with the code to link a new device to Signal. https://t.co/3LvtQRrOcT
Vulnerability in Billion Electric Router - Use of Hard-coded Credentials. https://t.co/gDBSF3PN7U CVE-2025-1143; routers typically used in an industrial environment. #cve #ics
A clever technique to fool detection analysts: path masquerading to disguise malware as legit system files in SIEM logs. Unicode tricks make C:\Program Files\Windows Defender look real, hiding payloads in plain sight. https://t.co/9RJl5q8pDW
#siem #soc #monitoring
Reporting by AhnLab shows Kimsuky keeps relying on LNK malware in spear-phishing attacks, but is also shifting to the use of RDP Wrapper and Proxy to remotely control the infected systems instead of installing backdoors. https://t.co/aRNHJrPJxX IOCs: https://t.co/vZ5yKiLa9r
AIL Project v6.1 released with new features including an unsafe filter for Tor crawling, many bug fixes and Telegram attachment analysis #darkweb #opensource #ail #threatintelligence #threatintel
https://t.co/FqXuhO4zZS
Agencies have now released guidance on digital forensics & monitoring for edge devices to boost threat detection & incident response. https://t.co/Z1qsfqbwCl
#initialaccess #ir
Malware Bible is now open source: https://t.co/6ztrul9P2M Feel free to make pull requests as you see fit, ilysm!
github.com: Free educational courses in reverse engineering, malware analysis, and programming - Perkins-Fund/Malware-Bible
Google’s Threat Intelligence Group (GTIG) found that threat actors (mostly Iran, China and DPRK) using generative AI (Gemini) gain productivity but no novel capabilities. https://t.co/tNasp32NE4
#ai
If you’re using @letsencrypt certificates, it is time to set up a certificate expiration monitor (if you haven’t done so already).