hakan
@hatr.bsky.social
reporter covering cyber (both crime and state-sponsored) for Der Spiegel and ZDF, short overview at https://linktr.ee/hakantanriverdi, Signal: hakan.25
Pinned
hakan
@hatr.bsky.social
· Mar 1
If you've been following #BlackBasta (and the recent leak), this thread might be of interest.
Last December, out of the blue, a source reached out to me (and, as I was to find out, to @valerymarchive.bsky.social as well) offering to doxx the leader of that ransomware-operation, known as "tramp".
Last December, out of the blue, a source reached out to me (and, as I was to find out, to @valerymarchive.bsky.social as well) offering to doxx the leader of that ransomware-operation, known as "tramp".
Reposted by hakan
In partnership with MegaLag, new findings show Honey not only violated affiliate "stand-down" rules, but hid from testers -- using its privileged browser plugin status to read other sites’ cookies and infer who was testing. www.benedelman.org/honey-detect... (1/4)
Honey’s Dieselgate: Detecting and Tricking Testers – Ben Edelman
www.benedelman.org
January 2, 2026 at 6:45 AM
In partnership with MegaLag, new findings show Honey not only violated affiliate "stand-down" rules, but hid from testers -- using its privileged browser plugin status to read other sites’ cookies and infer who was testing. www.benedelman.org/honey-detect... (1/4)
"By now [Nov' 25], the Ukrainians were accustomed to the contradictions."
www.nytimes.com/interactive/...
www.nytimes.com/interactive/...
The Separation: Inside the Unraveling U.S.-Ukraine Partnership
As President Trump sought a peace deal and Vladimir V. Putin sought victory, factions in the White House and Pentagon bled the Ukrainian war effort.
www.nytimes.com
January 2, 2026 at 9:29 AM
"By now [Nov' 25], the Ukrainians were accustomed to the contradictions."
www.nytimes.com/interactive/...
www.nytimes.com/interactive/...
"The president has difficulty sleeping well at night, and by his own account is often texting and calling aides at 2 a.m. or later."
www.wsj.com/us-news/as-s...
www.wsj.com/us-news/as-s...
Exclusive | As Signs of Aging Emerge, Trump Responds With Defiance
In an interview, President Trump—the oldest man to assume the office—said he has eschewed some advice from his doctors and regrets getting advanced imaging.
www.wsj.com
January 1, 2026 at 7:57 PM
"The president has difficulty sleeping well at night, and by his own account is often texting and calling aides at 2 a.m. or later."
www.wsj.com/us-news/as-s...
www.wsj.com/us-news/as-s...
Reposted by hakan
I can’t even keep up with this talk, they just showed two different(?) PoCs that spoof perfectly credible signatures from Satoshi and Angela Merkel.
The talk started with them booting a spoofed Fedora ISO after checking the signature.
14 vulns, 9 unpatched.
The talk started with them booting a spoofed Fedora ISO after checking the signature.
14 vulns, 9 unpatched.
December 27, 2025 at 5:00 PM
I can’t even keep up with this talk, they just showed two different(?) PoCs that spoof perfectly credible signatures from Satoshi and Angela Merkel.
The talk started with them booting a spoofed Fedora ISO after checking the signature.
14 vulns, 9 unpatched.
The talk started with them booting a spoofed Fedora ISO after checking the signature.
14 vulns, 9 unpatched.
megalag with a follow up to the honey/paypal investigation, this time analyzing the source code, among other things. walks you through console/network.
50+ mins, so take your time.
www.youtube.com/watch?v=wwB3...
50+ mins, so take your time.
www.youtube.com/watch?v=wwB3...
www.youtube.com
December 27, 2025 at 9:19 AM
megalag with a follow up to the honey/paypal investigation, this time analyzing the source code, among other things. walks you through console/network.
50+ mins, so take your time.
www.youtube.com/watch?v=wwB3...
50+ mins, so take your time.
www.youtube.com/watch?v=wwB3...
big fan of these writeups, especially coming from these two reporters who amaze me all the time
New, by @lorenzofb.bsky.social and me: We just published TechCrunch's annual jealousy list of cybersecurity stories that we *didn’t* publish but wish we had. This is the very best cybersecuirty reporting from our friends at competing publications.
techcrunch.com/2025/12/26/t...
techcrunch.com/2025/12/26/t...
These are the cybersecurity stories we were jealous of in 2025 | TechCrunch
The very best reporting and investigative journalism from our friends at other publications.
techcrunch.com
December 26, 2025 at 5:24 PM
big fan of these writeups, especially coming from these two reporters who amaze me all the time
Curious to learn what good blogposts/threads you read on pivoting and APT operations this year that you found enlightening.
Trying to do the pivoting a bit more and while this is pretty easily doable for DPRK-related actors these days, imho, I am sure there's has been much I've missed.
Trying to do the pivoting a bit more and while this is pretty easily doable for DPRK-related actors these days, imho, I am sure there's has been much I've missed.
December 26, 2025 at 5:23 PM
Curious to learn what good blogposts/threads you read on pivoting and APT operations this year that you found enlightening.
Trying to do the pivoting a bit more and while this is pretty easily doable for DPRK-related actors these days, imho, I am sure there's has been much I've missed.
Trying to do the pivoting a bit more and while this is pretty easily doable for DPRK-related actors these days, imho, I am sure there's has been much I've missed.
Reposted by hakan
ColdFusion++ Christmas Campaign: Catching a Coordinated Callback Calamity
https://www.labs.greynoise.io/grimoire/2025-12-26-coldfusion/
https://www.labs.greynoise.io/grimoire/2025-12-26-coldfusion/
December 26, 2025 at 3:51 PM
ColdFusion++ Christmas Campaign: Catching a Coordinated Callback Calamity
https://www.labs.greynoise.io/grimoire/2025-12-26-coldfusion/
https://www.labs.greynoise.io/grimoire/2025-12-26-coldfusion/
“Taken together,” Zakharov said, “it has never been easier to find private Russian data on the market.”
www.theguardian.com/world/2025/d...
www.theguardian.com/world/2025/d...
‘All brakes are off’: Russia’s attempt to rein in illicit market for leaked data backfires
Russian state has tolerated parallel probiv market for its convenience but now Ukrainian spies are exploiting it
www.theguardian.com
December 26, 2025 at 10:55 AM
“Taken together,” Zakharov said, “it has never been easier to find private Russian data on the market.”
www.theguardian.com/world/2025/d...
www.theguardian.com/world/2025/d...
Reposted by hakan
If you're going to be at #39C3, let me know! Happy to meet. Always a thrill to be a this conference, pre-covid was the last time I went, so pretty excited tbh.
December 25, 2025 at 10:41 AM
If you're going to be at #39C3, let me know! Happy to meet. Always a thrill to be a this conference, pre-covid was the last time I went, so pretty excited tbh.
Reposted by hakan
Für die, die beim Kongress sind, Hakan aus unserem Team ist ebenfalls dort und freut sich sehr, wenn ihr Hallo sagt.
If you're going to be at #39C3, let me know! Happy to meet. Always a thrill to be a this conference, pre-covid was the last time I went, so pretty excited tbh.
December 25, 2025 at 10:45 AM
Für die, die beim Kongress sind, Hakan aus unserem Team ist ebenfalls dort und freut sich sehr, wenn ihr Hallo sagt.
If you're going to be at #39C3, let me know! Happy to meet. Always a thrill to be a this conference, pre-covid was the last time I went, so pretty excited tbh.
December 25, 2025 at 10:41 AM
If you're going to be at #39C3, let me know! Happy to meet. Always a thrill to be a this conference, pre-covid was the last time I went, so pretty excited tbh.
"The announcement on Wednesday comes after a week of intermittent releases as required by a new transparency law that Congress passed last month."
edition.cnn.com/2025/12/24/p...
edition.cnn.com/2025/12/24/p...
DOJ says it has found over a million additional documents potentially related to Epstein | CNN Politics
The Justice Department on Wednesday said it has uncovered over a million more documents potentially related to the Jeffrey Epstein case and may need “a few more weeks” to process and release them to t...
edition.cnn.com
December 24, 2025 at 7:36 PM
"The announcement on Wednesday comes after a week of intermittent releases as required by a new transparency law that Congress passed last month."
edition.cnn.com/2025/12/24/p...
edition.cnn.com/2025/12/24/p...
Reposted by hakan
I wanted to figure out what changed between the DOJ's initial Epstein Files Vol. 8 document dump (which they quickly pulled) and the version they replaced it with.
I had a few hours of free time for PDF forensics hacking today. Here's my initial analysis of what changed: github.com/chad-loder/e...
I had a few hours of free time for PDF forensics hacking today. Here's my initial analysis of what changed: github.com/chad-loder/e...
December 24, 2025 at 7:39 AM
I wanted to figure out what changed between the DOJ's initial Epstein Files Vol. 8 document dump (which they quickly pulled) and the version they replaced it with.
I had a few hours of free time for PDF forensics hacking today. Here's my initial analysis of what changed: github.com/chad-loder/e...
I had a few hours of free time for PDF forensics hacking today. Here's my initial analysis of what changed: github.com/chad-loder/e...
„The exchange was among dozens of transcribed phone conversations, text messages and group chats shared … by a group of Syrian activists who say they hacked the phones of top Assad commanders before the regime’s collapse and have been monitoring them ever since“
www.nytimes.com/2025/12/24/w...
www.nytimes.com/2025/12/24/w...
Ousted and in Exile, Generals Secretly Plot Insurgency in Syria
www.nytimes.com
December 24, 2025 at 1:17 PM
„The exchange was among dozens of transcribed phone conversations, text messages and group chats shared … by a group of Syrian activists who say they hacked the phones of top Assad commanders before the regime’s collapse and have been monitoring them ever since“
www.nytimes.com/2025/12/24/w...
www.nytimes.com/2025/12/24/w...
Reposted by hakan
Die US-Behörden haben nun die lange erwarteten Epstein-Unterlagen veröffentlicht. Wir hatten aber schon vorab Zugang zu einem Leak, das etwa 20.000 E-Mails und Anhänge aus Jeffrey Epsteins privatem Postfach enthält - und haben Spuren nach Deutschland gefunden. (1/3) www.spiegel.de/ausland/jeff...
(S+) Jeffrey Epstein: Wie zwei deutsche Schwestern seiner Missbrauchsfalle entkamen
Sie mussten vor ihm laufen, dann machte er große Versprechungen: Der US-Sexualstraftäter Jeffrey Epstein wollte wohl einst auch zwei Schwestern aus Deutschland rekrutieren. Hier erzählen die beiden, w...
www.spiegel.de
December 20, 2025 at 10:49 AM
Die US-Behörden haben nun die lange erwarteten Epstein-Unterlagen veröffentlicht. Wir hatten aber schon vorab Zugang zu einem Leak, das etwa 20.000 E-Mails und Anhänge aus Jeffrey Epsteins privatem Postfach enthält - und haben Spuren nach Deutschland gefunden. (1/3) www.spiegel.de/ausland/jeff...
„Guan posted videos that were viewed by many human-rights watchers as confirming earlier reports, including findings by BuzzFeed News, about the camps.
“If he is deported, he will certainly face a very severe prison sentence due to the social impact of this incident,”
www.wsj.com/world/china/...
“If he is deported, he will certainly face a very severe prison sentence due to the social impact of this incident,”
www.wsj.com/world/china/...
ICE Holding Chinese Man Who Documented Uyghur Camps
Heng Guan is awaiting an immigration hearing on Monday that could lead to his removal from the U.S. and ultimately land him back in China, according to his lawyer and a New York-based activist group.
www.wsj.com
December 13, 2025 at 4:02 PM
„Guan posted videos that were viewed by many human-rights watchers as confirming earlier reports, including findings by BuzzFeed News, about the camps.
“If he is deported, he will certainly face a very severe prison sentence due to the social impact of this incident,”
www.wsj.com/world/china/...
“If he is deported, he will certainly face a very severe prison sentence due to the social impact of this incident,”
www.wsj.com/world/china/...
Reposted by hakan
This week's newsletter is about analyzing ChatGPT-share conversations with pandas and what kinds of things ChatGPT is or was looking for once you open(ed) up that conversation in your browser.
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
December 12, 2025 at 8:35 AM
This week's newsletter is about analyzing ChatGPT-share conversations with pandas and what kinds of things ChatGPT is or was looking for once you open(ed) up that conversation in your browser.
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
This week's newsletter is about analyzing ChatGPT-share conversations with pandas and what kinds of things ChatGPT is or was looking for once you open(ed) up that conversation in your browser.
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
December 12, 2025 at 8:35 AM
This week's newsletter is about analyzing ChatGPT-share conversations with pandas and what kinds of things ChatGPT is or was looking for once you open(ed) up that conversation in your browser.
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
That screenshot is ChatGPT telling me that they're basically oversharing
buttondown.com/readwrite/ar...
Reposted by hakan
“Asian wife sharing,” Pentagon press policy, and me: Journalism in the second Trump administration gets personal. www.motherjones.com/politics/202...
I asked the Pentagon about Pete Hegseth's mentor. Then the threats started.
Journalism in the second Trump administration gets personal.
www.motherjones.com
December 11, 2025 at 2:17 PM
“Asian wife sharing,” Pentagon press policy, and me: Journalism in the second Trump administration gets personal. www.motherjones.com/politics/202...
“The only free cheese is in the mousetrap.”
Google promised publishers crumbs instead of a cake and even those never materialized somehow
talkingpointsmemo.com/tpm-25/we-tr...
Google promised publishers crumbs instead of a cake and even those never materialized somehow
talkingpointsmemo.com/tpm-25/we-tr...
We Tried to Get Big Tech to Pay for Wrecking Journalism. It Didn’t Work Out.
The debate over Who Destroyed Journalism borders on theology among journalists and...
talkingpointsmemo.com
December 7, 2025 at 11:49 AM
“The only free cheese is in the mousetrap.”
Google promised publishers crumbs instead of a cake and even those never materialized somehow
talkingpointsmemo.com/tpm-25/we-tr...
Google promised publishers crumbs instead of a cake and even those never materialized somehow
talkingpointsmemo.com/tpm-25/we-tr...
Reposted by hakan
The EU Commission did not blink, it seems.
It announced today a fine of $120M on X for several violations including deceptive design of the blue checkmark
It announced today a fine of $120M on X for several violations including deceptive design of the blue checkmark
Commission fines X €120 million under the Digital Services Act
Today, the Commission has issued a fine of €120 million to X for breaching its transparency obligations under the Digital Services Act (DSA).
ec.europa.eu
December 5, 2025 at 11:39 AM
The EU Commission did not blink, it seems.
It announced today a fine of $120M on X for several violations including deceptive design of the blue checkmark
It announced today a fine of $120M on X for several violations including deceptive design of the blue checkmark
Reposted by hakan
WASHINGTON (AP) — Pentagon knew September boat attack left survivors but still launched a follow-on strike to sink vessel, AP sources say.
December 3, 2025 at 10:26 PM
WASHINGTON (AP) — Pentagon knew September boat attack left survivors but still launched a follow-on strike to sink vessel, AP sources say.
@justinseitz.bsky.social regarding the "ghosts in the graph" newsletter, I (mis)read you "spending tens of thousands of dollars" and had to put my cake down for a bit of contemplating
December 3, 2025 at 10:15 PM
@justinseitz.bsky.social regarding the "ghosts in the graph" newsletter, I (mis)read you "spending tens of thousands of dollars" and had to put my cake down for a bit of contemplating