Don't miss @tlansec's talk at 12:00 BST tomorrow, Oct 5, at #VB2023 in London! He will share @Volexity's research + observations of a North Korean #apt using unique, persistent #socialengineering techniques to target victims. More here: https://t.co/kwj60Nch3K #threatintel #dfir

North Korea 🇰🇵 thinks it's easier to steal 0day from researchers than to find it themselves. If you are doing security research or have privileged access you have to assume you could be targeted at some point by a nation state.

Check if you've communicated with Paul091_! Outside of the 0-day, they also pushed their github project, GetSymbol - meant to help researchers download symbols. But it contains an update channel that could allow them to run arbitrary exes on machines of interest!

This is peak UI design.

@Volexity @Microsoft365 @Microsoft It turns out our investigation turned up nothing because there was nothing for us to find. The incident was invisible to us with the data at our disposal and this was due to the customer's M365 license level: E3. This is likely the most common license level for most orgs. 3/7

3 vacantes abiertas en Google Malaga Software Engineer, Backend, VirusTotal, Google Cloud https://t.co/ZepgQtyhgC Solutions Consultant, VirusTotal https://t.co/O599caIz7U Security Engineer, VirusTotal https://t.co/j9d22Z3Ukj

Snap is hiring security engineers for D&R and threat intel roles in Switzerland (we have offices in Zurich and Yverdon-les-Bains): https://t.co/gp9oql7oVF & https://t.co/J9oI2wxXzq Retweets for visibility are much appreciated!

The legend of @moranned coming to present research at BlueHat Israel 🎉

We are hurtling towards our finale. Join us to meet the character who helped us reach an assessment of Xiaoruizhi's APT affiliation.

Introducing our main character of this investigation... Wuhan Xiaoruizhi Science and Technology Company

Google Málaga += 2 vacantes Software Engineer, Infrastructure Integrator, VirusTotal, Google Cloud https://t.co/e1cwtr1IgN Security Engineer, VirusTotal https://t.co/zyk9zrEfE9

Officially on the job market today. Anyone looking for an old TI guy with a "smidge" of years under his belt, let me know. Happy to have a chat.

So finally feel like I can talk about this. Santa as in https://t.co/1T0hNmP7lt now supports file access authorization. This means that we can authorize if a binary should be able to open a file/path and leverage code signing for targeting/filtering.

“Litigation was filed against several of CryptBot’s major distributors who we believe are based in Pakistan and operate a worldwide criminal enterprise.” @pmbureau and the team taking on cybercrime on a number of fronts. https://t.co/me0xTx1Jrd

@vtxproject is looking for non-profit orgs with an intelligence use case that would benefit from having #synapse. We plan to select a few with compelling missions and donate #synapse enterprise licenses/support. Reply, DM, or join slack https://t.co/lU0MpjB70M if you have ideas!

In a previous life, Alex found more APT campaigns in a day than most vendors did in a year. If you want to increase positive coverage of your flashy new widget, no better person to help you do it!

The likely DPRK 3CX incident was part of a DOUBLE supply chain incident (access from one supply chain compromise was used to create another). Leapfrogging this way allows the actor to create a vicious cycle that expands their footholds exponentially.

🆕 Updates from @Google TAG on recent APT, IO and Crime from 🇷🇺🇧🇾 actors against 🇺🇦 and regionally. 🎣 and more from 🇷🇺GRU, 👻🖊️, 🇨🇺💰 looking like APT and IO from the once adored 👨‍🍳. 1/🧵 https://t.co/vKd8VCUUj2

7 Apr: iOS/Mac 0day in the wild patched https://t.co/WPbcBm5wtJ 14 Apr: Chrome 0day in the wild patched https://t.co/MUqdJqLMmK Both found by @_clem1 (TAG). Two different surveillance vendors. Great finds! Great fast patching! 👍 Wish these weren't so common though. 😔

"To maximize the performance of Chrome on high-end devices, we are now targeting them with a version of Chrome that uses compiler flags tuned for speed rather than binary size." Up to 30% faster on the Speedometer 2.1 benchmark! 🏎 https://t.co/6iDsKYJVn8