Dropping this today: ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware. In collaboration with @JulianVoeg from @RecordedFuture . 🧵A quick summary and a few thoughts on the use of RSW by APTs.

Presenting at @HagueTIX with @JulianVoeg was an amazing experience! So many insightful talks! Huge thanks to the organizing team (@monica_kello, Corianne Oosterbaan, and the PC) for having me. Already looking forward to next year, wouldn’t miss it!

RT @JohnLaTwC: Think Deeper. One line of this @SentinelOne blog (🙏 @TomHegel and @milenkowski) stood out to me. 💭"Encrypts and password-p….

RT @780thC: Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets.June 9, 2025, Sentinel Labs..

Get the full story here:. [2/2].

We just released our findings on long-term activity clusters attributed to China-nexus actors. We discuss a relatively underreported, yet critical, aspect of the threat landscape: the targeting of cybersecurity vendors. Big shout out to @BlackLotusLabs for their support! [1/2].

Huge thanks to the @SLEUTHCON team for having me and putting on such a great event! It was a pleasure presenting with Sreekar from @ValidinLLC on North Korean activities. Stay tuned, more to come from us soon.

RT @JohnHultquist: Last week to get your @SLEUTHCON tickets!.

RT @BfV_Bund: Das #BfV_Bund und weitere internationale Partner warnen aktuell vor Aktivitäten der russischen GRU-Einheit 26165, die eine Cy….

RT @bindinghook: Read an excerpt from @milenkowski, @jirominier, @JulianVoeg, @Maxwsmeets, and Taylor @tgrossman_’s new report on state use….

It was a pleasure collaborating with @TomHegel and Jim Walter on this one. Read our blog here:. [2/2].

🚨New research drop: Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries. 🌐 China-nexus APTs targeting supply chains.🔍 DPRK IT workers infiltrating hiring pipelines.🛠 Ransomware crews probing EDR platforms [1/2].

Excited to be part of the incredible @SLEUTHCON lineup with the @ValidinLLC team!.

It was a pleasure to collaborate with @jirominier (@DCSO_de), @JulianVoeg (@RecordedFuture), @Maxwsmeets (@VirtualRoutes), and @tgrossman_. Read the report here: [2/2].

🚨New research drop: Ransomware’s New Masters: How States Are Hijacking Cybercrime. This @VirtualRoutes report offers a comparative analysis of ransomware use by suspected state-aligned clusters from Russia, China, North Korea, and Iran. [1/2]

RT @VirtualRoutes: 💡The third report of the Pharos Series, Ransomware’s New Masters: How States Are Hijacking Cybercrime by @milenkowski, @….

RT @securityaffairs: A data leak exposes the operations of the Chinese private firm #TopSec, which provides #Censorship-as-a-Service.https:….

RT @780thC: SentinelLABS has analyzed a data leak from TopSec, a Chinese cybersecurity firm offering services such as Endpoint Detection &….

The leak provides insights into how private cybersecurity firms help the state and the CCP monitor and censor online discourse — especially during corruption scandals. [2/2]. 🔍 Read more:

🚨 New Research Drop. 📢 Censorship as a Service | Leak Reveals Public-Private Collaboration to Monitor Chinese Cyberspace. @spiderspiders_ , @DakotaInDC , and I analyzed a leak containing infrastructure details and work logs from employees of a security firm in China. [1/2].

This is going to be an amazing talk. It is great to see in depth research on an increasingly relevant attack vector: the firmware. Make sure you catch it if you are attending @REverseConf.