Lasq
@lasq.pl
Advanced Practices 🦅 @Google Threat Intelligence Group

Threat Attribution, Frontline Intelligence, Malware Analysis, Threat Hunting, Incident Response

#attributionmatters
🚨 NEW VIDEO! I tested the AI-powered #PromptLock ransomware, and it failed spectacularly! 🤯

Impact: 0/10. Fun: 11/10.

Watch it here: www.youtube.com/watch?v=-qex...

#Ransomware #AI #Cybersecurity
I Tested The World's First "AI Ransomware"... And It Was A Disaster
YouTube video by Malfind Labs
October 8, 2025 at 7:12 AM
Reposted by Lasq
@volexity.com is looking to grow our Threat Intelligence team. New job posting for Senior Analyst role is up here:

www.volexity.com/company/care...

If you have any questions, don't hesitate to ask.
Open Position
Career Opportunity: Volexity is currently looking to hire Senior Threat Intelligence Analyst to join its rapidly growing services team.
July 21, 2025 at 8:23 AM
Microsoft, what in seven hells is that? This just randomly popped up on my screen, and yes it's animated.

Also how cool is the fact that according to Microsoft I need to throw away my $5k PC just because I don't have a TPM module (yes, I know there are workarounds)
July 23, 2025 at 3:23 AM
Reposted by Lasq
Wow: after 15 years, YouTube has taken down the original 'Rick Roll' video due to a "licensing issue," likely due to the acquisition of Astley's record label.

The metadata remains, but if you click through it goes to 'video not found':

www.youtube.com/watch?v=dQw4...
Rick Astley - Never Gonna Give You Up (Official Music Video)
YouTube video by Rick Astley
May 19, 2025 at 6:45 PM
Current vibes... 😅
May 5, 2025 at 4:28 PM
Vibe coding is real…
https://media2.giphy.com/media/1lDEYJWZYBowUTrwIL/200.gif
April 30, 2025 at 6:14 AM
I was just blown away by Gemini 2.5 Pro's capabilities to write Python code. It took ~5 minutes to refactor a 1500 LOC Python script the way I wanted. What's even better is that it also fixed a few other minor bugs, added comments, debug messages, and improved the overall readability of the code.

1/3
April 25, 2025 at 4:20 AM
Reposted by Lasq
Oooh!!
April 9, 2025 at 7:29 PM
Reposted by Lasq
In July 2024, #ESETresearch discovered that the China-aligned #FamousSparrow APT group, thought at the time to have been inactive since 2022, compromised the network of a US trade group and a Mexican research institute. www.welivesecurity.com/en/eset-rese... 1/5
You will always remember this as the day you finally caught FamousSparrow
ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor.
March 26, 2025 at 3:03 PM
Reposted by Lasq
Confirmation that Michael Waltz was the one who added Jeffrey Goldberg to the chat
March 26, 2025 at 12:51 PM
Reposted by Lasq
They were in fact not "currently clean on OPSEC"
March 26, 2025 at 12:54 PM
Reposted by Lasq
Following multiple denials from Trump and participants in the "Houthi PC small group" Signal group that information shared was classified, The Atlantic is now sharing information posted in the group. It's fair to say it has a big "Classified" energy around it. www.theatlantic.com/politics/arc...
Here Are the Attack Plans That Trump’s Advisers Shared on Signal
The administration has downplayed the importance of the text messages inadvertently sent to The Atlantic’s editor in chief.
March 26, 2025 at 12:41 PM
Reposted by Lasq
Chinese hacking is becoming bigger, better and stealthier

@euben.bsky.social and I on the beat

economist.com/china/2025/0...
Chinese hacking is becoming bigger, better and stealthier
Experts say it is the main shift in the cyber-threat landscape in a decade
March 26, 2025 at 1:10 PM
Reposted by Lasq
There’s been infinite memes and commentary on the single breach, but this is worth your time, this is a much bigger issue. www.washingtonpost.com/technology/2... by @jik.federate.social.ap.brid.gy ht @zackwhittaker.com
Why government workers and military planners all love Signal now
The encrypted chat app beloved by Elon Musk and foreign dissidents has been embraced by federal government workers, DOGE and military planners.
March 25, 2025 at 3:07 PM
Reposted by Lasq
Developing low visibility, low signature forms of compromise for Signal accounts is a clear area of investment for Russia's services as well.

Generally speaking if you use the app for sensitive comms: audit your linked devices. Do it now.

cloud.google.com/blog/topics/...
March 25, 2025 at 11:57 AM
Reposted by Lasq
And so much for the theories that Hermes is a second Pegasus or North Korean ransomware 🤡

Anna Dworak: Good morning. Anna Dworak, TVP Info. I have a question for one of you gentlemen. Could you please explain what the difference is between the Pegasus software and Hermes?

#Hermes
March 19, 2025 at 10:54 AM
Love this commentary on our recent blog, pineapples vs ananas 😂 If you don't yet listen to "Three Buddy Problem" podcast you are missing out!

www.youtube.com/watch?v=KHhr...
Chinese backdoors on Juniper routers
YouTube video by Three Buddy Problem
March 19, 2025 at 11:59 PM
Great to see our UNC3886 Juniper malware blog mentioned in my favorite podcast 🥰
NEW POD ALERT: A half-dozen Microsoft 0days exploited in the wild, a mysterious AI credited with Microsoft Access RCE flaws, a Binarly technical paper on finding UEFI bootkits, Mandiant flagging custom backdoors on Juniper routers

Live on all platforms!
securityconversations.com/episode/a-ha...
A half-dozen Microsoft zero-days, Juniper router backdoors, advanced bootkit hunting - Security Conversations
Three Buddy Problem – Episode 38: On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS […]
March 15, 2025 at 3:31 AM
Reposted by Lasq
And old, powerful, and mysterious language...

#regex #DigitalForensics
March 14, 2025 at 10:51 PM
Reposted by Lasq
🔥 new blog covering recent UNC3886 ops. Massive S/O to all the authors for dropping such a great blog.
March 12, 2025 at 6:29 PM
Super happy this blog is finally released. Dive into the intricacies of backdoors targeting Juniper devices, veriexec bypass zero-day and other interesting TTPs, all with UNC3886, a China-nexus cyber espionage group as your guide!

cloud.google.com/blog/topics/...
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | Google Cloud Blog
We discovered China-nexus threat actors deployed custom backdoors on Juniper Networks’ Junos OS routers.
March 12, 2025 at 4:26 PM
This is a "clip" that the POTUS publishes on his social media account, regarding a region that has been impacted by one of the greatest humanitarian crises of our times.

I try not to comment publicly on the US politics, but... REALLY???

truthsocial.com/@realDonaldT...
February 26, 2025 at 7:37 AM
Reposted by Lasq
Woke up to see Donald Trump sharing a video on Truth Social about turning Gaza into a holiday resort with a giant gold statue of Trump, ending with a final shot of Trump and Netanyahu enjoying the beach together. Absolutely unhinged.
truthsocial.com/@realDonaldT...
February 26, 2025 at 6:53 AM
Reposted by Lasq
As an IRS agent, Tigran Gambaryan was perhaps the most effective crypto investigator in history. Then last year he was charged in Nigeria with money laundering and thrown in prison.

Throughout, he was texting with me from a secret phone. This is his full, untold story. www.wired.com/story/untold...
The Untold Story of a Crypto Crimefighter’s Descent Into Nigerian Prison
As a US federal agent, Tigran Gambaryan pioneered modern crypto investigations. Then at Binance, he got trapped between the world’s biggest crypto exchange and a government determined to make it pay.
February 10, 2025 at 12:35 PM