Crystal Diaz
@crisscr0ss.bsky.social
Threat hunter | Malware nerd
🇵🇷🪖👾
🇵🇷🪖👾
Pinned
Crystal Diaz
@crisscr0ss.bsky.social
· Nov 16
Welp, time to build again. Let’s get started 😎
Reposted by Crystal Diaz
Angelina Jolie used her Instagram platform to shed light on Russia’s so-called ‘human safari’ in Kherson. It is a deeply important and much-appreciated gesture.
November 9, 2025 at 12:51 PM
Angelina Jolie used her Instagram platform to shed light on Russia’s so-called ‘human safari’ in Kherson. It is a deeply important and much-appreciated gesture.
Reposted by Crystal Diaz
Hey, so as a veteran and incident responder I need to warn you to pay attention to something in America.
The human brain is resilient. While you're watching kids get dragged away from the parents and people being beaten in the streets, you're accumulating trauma but also being desensitized.
The human brain is resilient. While you're watching kids get dragged away from the parents and people being beaten in the streets, you're accumulating trauma but also being desensitized.
October 29, 2025 at 9:15 PM
Hey, so as a veteran and incident responder I need to warn you to pay attention to something in America.
The human brain is resilient. While you're watching kids get dragged away from the parents and people being beaten in the streets, you're accumulating trauma but also being desensitized.
The human brain is resilient. While you're watching kids get dragged away from the parents and people being beaten in the streets, you're accumulating trauma but also being desensitized.
Reposted by Crystal Diaz
Forget common backdoors — a DLL hijack in Windows Narrator can grant SYSTEM-level persistence at login. In our new blog, Principal Security Consultant Oddvar Moe shows how attackers abuse accessibility features and what defenders should monitor. Read now! trustedsec.com/blog/hack-ce...
Hack-cessibility: When DLL Hijacks Meet Windows Helpers
trustedsec.com
October 28, 2025 at 3:01 PM
Forget common backdoors — a DLL hijack in Windows Narrator can grant SYSTEM-level persistence at login. In our new blog, Principal Security Consultant Oddvar Moe shows how attackers abuse accessibility features and what defenders should monitor. Read now! trustedsec.com/blog/hack-ce...
Reposted by Crystal Diaz
Ransomware payment rates have dropped below 25% for the first time in history.
Coveware says cyber defenders, law enforcement, and legal specialists should take this as a validation of their efforts.
www.coveware.com/blog/2025/10...
Coveware says cyber defenders, law enforcement, and legal specialists should take this as a validation of their efforts.
www.coveware.com/blog/2025/10...
October 26, 2025 at 11:14 AM
Ransomware payment rates have dropped below 25% for the first time in history.
Coveware says cyber defenders, law enforcement, and legal specialists should take this as a validation of their efforts.
www.coveware.com/blog/2025/10...
Coveware says cyber defenders, law enforcement, and legal specialists should take this as a validation of their efforts.
www.coveware.com/blog/2025/10...
Reposted by Crystal Diaz
I'm honored to have President @barackobama.bsky.social on Team Mikie.
This movement is about delivering something better for New Jersey — lower costs, more opportunity for our kids, and a government that's truly accountable to the people.
This movement is about delivering something better for New Jersey — lower costs, more opportunity for our kids, and a government that's truly accountable to the people.
October 17, 2025 at 11:18 AM
I'm honored to have President @barackobama.bsky.social on Team Mikie.
This movement is about delivering something better for New Jersey — lower costs, more opportunity for our kids, and a government that's truly accountable to the people.
This movement is about delivering something better for New Jersey — lower costs, more opportunity for our kids, and a government that's truly accountable to the people.
Reposted by Crystal Diaz
NSO Group confirms that it has a US buyer and whole thing is even sketchier than you would imagine: techcrunch.com/2025/10/10/s...
Spyware maker NSO Group confirms acquisition by US investors | TechCrunch
NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.
techcrunch.com
October 14, 2025 at 6:38 PM
NSO Group confirms that it has a US buyer and whole thing is even sketchier than you would imagine: techcrunch.com/2025/10/10/s...
Reposted by Crystal Diaz
ICE reactivated its contract with spyware manufacturer Paragon Solutions. You can read more about it here, but what does that mean for using encrypted chat apps like Signal? 🧵(1/8)
EFF Statement on ICE Use of Paragon Solutions Malware
This statement can be attributed to EFF Senior Staff Technologist Cooper QuintinIt was recently reported by Jack Poulson on Substack that ICE has reactivated its 2 million dollar contract with Paragon...
www.eff.org
September 8, 2025 at 10:09 PM
ICE reactivated its contract with spyware manufacturer Paragon Solutions. You can read more about it here, but what does that mean for using encrypted chat apps like Signal? 🧵(1/8)
Been on BlueSky for a bit now. Unfortunately I still have some valuable Intel sources on the other platform but each time I make the switch between the two it is so refreshing to see more authentic content that does not feel forced down my throat by some BS money grubbing algorithm. Keep it up!
August 24, 2025 at 6:34 PM
Been on BlueSky for a bit now. Unfortunately I still have some valuable Intel sources on the other platform but each time I make the switch between the two it is so refreshing to see more authentic content that does not feel forced down my throat by some BS money grubbing algorithm. Keep it up!
Reposted by Crystal Diaz
Unfortunately, Bluesky is unavailable in Mississippi right now, due to a new state law that requires age verification for all users.
While intended for child safety, we think this law poses broader challenges & creates significant barriers that limit free speech & harm smaller platforms like ours.
While intended for child safety, we think this law poses broader challenges & creates significant barriers that limit free speech & harm smaller platforms like ours.
August 22, 2025 at 7:54 PM
Unfortunately, Bluesky is unavailable in Mississippi right now, due to a new state law that requires age verification for all users.
While intended for child safety, we think this law poses broader challenges & creates significant barriers that limit free speech & harm smaller platforms like ours.
While intended for child safety, we think this law poses broader challenges & creates significant barriers that limit free speech & harm smaller platforms like ours.
Reposted by Crystal Diaz
🩸& #threatintel | We (GreyNoise) just published a quick note (www.greynoise.io/blo...) regarding CVE-2025-5777 - CitrixBleed 2
1/2
1/2
Exploitation of CitrixBleed 2 (CVE-2025-5777) Began Before PoC Was Public
GreyNoise has observed active exploitation attempts against CVE-2025-5777 (CitrixBleed 2), a memory overread vulnerability in Citrix NetScaler. Exploitation began on June 23 — nearly two weeks before a public proof-of-concept was released on July 4.
www.greynoise.io
July 16, 2025 at 9:05 PM
🩸& #threatintel | We (GreyNoise) just published a quick note (www.greynoise.io/blo...) regarding CVE-2025-5777 - CitrixBleed 2
1/2
1/2
Reposted by Crystal Diaz
Another mindfuck is realizing that decision about some aspect of a massive company. There wasn't some process or jury. There's just Some Person that decided most of it. And when that person is you, you get it. People come and think a choice was some huge deliberation. It wasn't. You just... decided.
Everyone who has ever worked their way up in a large org knows this.
At some point you look around and realize "wait... this is it?" - then you realize, its the same at every other large org on the planet.
And you realize that all of modern society just keeps working mostly by luck.
At some point you look around and realize "wait... this is it?" - then you realize, its the same at every other large org on the planet.
And you realize that all of modern society just keeps working mostly by luck.
July 12, 2025 at 5:30 PM
Another mindfuck is realizing that decision about some aspect of a massive company. There wasn't some process or jury. There's just Some Person that decided most of it. And when that person is you, you get it. People come and think a choice was some huge deliberation. It wasn't. You just... decided.
Reposted by Crystal Diaz
Sen. Bernie Sanders held a "Fighting Oligarchy" rally in Tulsa, Oklahoma, when he received news of President Donald Trump's strikes on Iran.
June 22, 2025 at 9:08 PM
Sen. Bernie Sanders held a "Fighting Oligarchy" rally in Tulsa, Oklahoma, when he received news of President Donald Trump's strikes on Iran.
Reposted by Crystal Diaz
If people really find this to be such an easy conclusion, then Congressional authority should be easy to get.
So why don’t they insist on a vote?
They know this isn’t “progressive” resistance. They want to marginalize it as such because on top of this war being ILLEGAL, it’s also deeply unpopular.
So why don’t they insist on a vote?
They know this isn’t “progressive” resistance. They want to marginalize it as such because on top of this war being ILLEGAL, it’s also deeply unpopular.
CNN’s Van Jones urges “progressives” to “get on board” with bombing Iran:
“I think progressives underestimate how dangerous Iran is. Iran is not a normal country,” he said on air.
Jones did not share whether he considers Israel—an apartheid state currently committing genocide—a “normal country.”
“I think progressives underestimate how dangerous Iran is. Iran is not a normal country,” he said on air.
Jones did not share whether he considers Israel—an apartheid state currently committing genocide—a “normal country.”
June 22, 2025 at 4:29 PM
If people really find this to be such an easy conclusion, then Congressional authority should be easy to get.
So why don’t they insist on a vote?
They know this isn’t “progressive” resistance. They want to marginalize it as such because on top of this war being ILLEGAL, it’s also deeply unpopular.
So why don’t they insist on a vote?
They know this isn’t “progressive” resistance. They want to marginalize it as such because on top of this war being ILLEGAL, it’s also deeply unpopular.
Reposted by Crystal Diaz
Note to self: start scheduling backups and don’t be surprised by cyber attacks from Iran or their supporters. Right after dismantling CISA, perfect timing.
June 22, 2025 at 1:43 AM
Note to self: start scheduling backups and don’t be surprised by cyber attacks from Iran or their supporters. Right after dismantling CISA, perfect timing.
Reposted by Crystal Diaz
An organization providing cybersecurity assistance to emergency services has shut down at the end of May.
The Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) ceased operations after CISA cut funding earlier this year.
www.darkreading.com/threat-intel...
The Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) ceased operations after CISA cut funding earlier this year.
www.darkreading.com/threat-intel...
EMR-ISAC Shuts Down: What Happens Now?
The Emergency Management and Response - Information Sharing and Analysis Center provided essential information to the emergency services sector on physical and cyber threats and its closure leaves an ...
www.darkreading.com
June 3, 2025 at 12:25 AM
An organization providing cybersecurity assistance to emergency services has shut down at the end of May.
The Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) ceased operations after CISA cut funding earlier this year.
www.darkreading.com/threat-intel...
The Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) ceased operations after CISA cut funding earlier this year.
www.darkreading.com/threat-intel...
Reposted by Crystal Diaz
Common headline these days: “impending disaster delayed a bit.”
April 16, 2025 at 3:27 PM
Common headline these days: “impending disaster delayed a bit.”
Reposted by Crystal Diaz
18F was doing exactly the type of work that DOGE claims to want – yet we were eliminated shortly after midnight. Read our letter to the American people:
18f.org
18f.org
We're not done yet | 18F
18f.org
March 1, 2025 at 11:38 PM
18F was doing exactly the type of work that DOGE claims to want – yet we were eliminated shortly after midnight. Read our letter to the American people:
18f.org
18f.org
Reposted by Crystal Diaz
Reposted by Crystal Diaz
🚨 #Sweden Wants Backdoors in Encrypted Apps! Lawmakers push for access to private messages in Signal & WhatsApp, but experts & even Sweden’s military warn of serious security risks.
Read: hackread.com/signal-threa...
#CyberSecurity #Privacy #Encryption #Signal #WhatsApp
Read: hackread.com/signal-threa...
#CyberSecurity #Privacy #Encryption #Signal #WhatsApp
Signal Threatens to Exit Sweden Over Government's Backdoor Proposal
Follow us on Bluesky, Twitter (X) and Facebook at @Hackread
hackread.com
February 26, 2025 at 12:26 PM
🚨 #Sweden Wants Backdoors in Encrypted Apps! Lawmakers push for access to private messages in Signal & WhatsApp, but experts & even Sweden’s military warn of serious security risks.
Read: hackread.com/signal-threa...
#CyberSecurity #Privacy #Encryption #Signal #WhatsApp
Read: hackread.com/signal-threa...
#CyberSecurity #Privacy #Encryption #Signal #WhatsApp
Reposted by Crystal Diaz
Reposted by Crystal Diaz
Cherry Hill, New Jersey:
The Tesla Cherry Protest is over 300 strong! Way to show up South Jersey! #teslatakedown #protest
February 24, 2025 at 5:44 PM
Cherry Hill, New Jersey:
Reposted by Crystal Diaz
This seems like a phisher's dream. Announcing that a government email is about to go out and that recipients are required to respond to it seems like the kind of thing cybercriminals would love to spoof in order to infect workers or trick them into revealing their login credentials.
February 22, 2025 at 10:11 PM
This seems like a phisher's dream. Announcing that a government email is about to go out and that recipients are required to respond to it seems like the kind of thing cybercriminals would love to spoof in order to infect workers or trick them into revealing their login credentials.
Reposted by Crystal Diaz
Defense Secretary Pete Hegseth has ordered U.S. Cyber Command to fast-track a long-awaited overhaul plan, @martinmatishak.bsky.social reports. DOD leadership also wants to know if CyberCom needs new authorities or faces legal hurdles. bit.ly/3D5zHoH
February 21, 2025 at 5:02 PM
Defense Secretary Pete Hegseth has ordered U.S. Cyber Command to fast-track a long-awaited overhaul plan, @martinmatishak.bsky.social reports. DOD leadership also wants to know if CyberCom needs new authorities or faces legal hurdles. bit.ly/3D5zHoH
Reposted by Crystal Diaz
"Approximately 500 NIST staffers, including at least three lab directors, are expected to lose their jobs at the standards agency as part of the ongoing DOGE purge, sources tell @WIRED." www.wired.com/story/the-na...
The National Institute of Standards and Technology Braces for Mass Firings
Approximately 500 NIST staffers, including at least three lab directors, are expected to lose their jobs at the standards agency as part of the ongoing DOGE purge, sources tell WIRED.
www.wired.com
February 20, 2025 at 9:50 PM
"Approximately 500 NIST staffers, including at least three lab directors, are expected to lose their jobs at the standards agency as part of the ongoing DOGE purge, sources tell @WIRED." www.wired.com/story/the-na...
Reposted by Crystal Diaz
There are moments in these deportation fights when I can just FEEL how pissed off they are that I’m Puerto Rican 😂 they want to threaten me with it so bad 😂
February 20, 2025 at 5:32 PM
There are moments in these deportation fights when I can just FEEL how pissed off they are that I’m Puerto Rican 😂 they want to threaten me with it so bad 😂