pdub5.bsky.social
@pdub5.bsky.social
Reposted
CYBERWARCON is ONE WEEK AWAY! 💣💥💻 ✉️

Check out our website to view the agenda and plan your day, read more about our speakers, or buy a last minute ticket!

We can't wait to see everyone in Arlington, VA on November 19th!

www.cyberwarcon.com
November 12, 2025 at 7:21 PM
I couldn't have asked for a better venue than #RooCon25 🇦🇺 for my first Cyber Threat Intel talk! It was an amazing and surreal experience. A huge thanks to the organizers for having me and another thanks to everyone that attended!
November 10, 2025 at 5:55 PM
Reposted
Meet our speaker Patrick Whitsell!

Patrick has expertise in monitoring and defending against cyber espionage threat actors.

His talk, "Cyber(trade)war: Paradigm Shift in Economic Espionage", will cover the shift in PRC state-sponsored cyber espionage.

Learn more! www.cyberwarcon.com
November 5, 2025 at 7:47 PM
Yes, no, maybe robot?? Which is it @wxs.bsky.social!? 🤖
cloud.google.com/blog/topics/...

I wrote some more on COLDRIVER - specifically about their recent malware they have been using since at least May. If you’re on the COLDRIVER target list keep an eye out for this stuff. They have been more active with it than previous malware.
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER | Google Cloud Blog
Russia state-sponsored COLDRIVER started using new malware immediately following a May public disclosure of their activity.
cloud.google.com
October 21, 2025 at 12:12 AM
I'm super excited to be speaking at @cyberwarcon.bsky.social this year! The lineup looks amazing, as always, including a keynote with Dimitri Alperovitch. 🤯

Check out the full agenda here!
cyberwarcon.com/agenda-25
October 9, 2025 at 2:31 PM
Join @austinlarsen.me and me next Tuesday for a deep-dive into PRC-nexus threat actor capabilities! Learn about advanced social engineering tactics, novel malware delivery, and strategies to defend your organization.

www.brighttalk.com/webcast/7451...
September 9, 2025 at 10:49 PM
New GTIG blog just dropped! 🥸🇨🇳🌐💼 "Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats"! We're analyzing an operation that has it all: AitM, social engineering, signed malware, and more! Get the full breakdown here:
cloud.google.com/blog/topics/...
PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats | Google Cloud Blog
A social engineering campaign leveraging signed malware, evasive tactics, and captive portal hijacking.
cloud.google.com
August 25, 2025 at 4:13 PM
Reposted
So @gabagool.ing (who will henceforth be referred to as "gabbot") and I wrote some stuff on some ASP phishing campaigns: cloud.google.com/blog/topics/...

Citizen Lab worked closely with one of the targets and shared their work on it also: citizenlab.ca/2025/06/russ...
What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia | Google Cloud Blog
A Russia-sponsored threat actor is impersonating the U.S. Department of State, and using phishing to gain access to email accounts.
cloud.google.com
June 18, 2025 at 5:05 PM
Reposted
I wrote some details on LOSTKEYS: malware which we directly attribute to COLDRIVER. They don't deploy it often, but we have seen it a few times and want to make people aware of it.

cloud.google.com/blog/topics/...
COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs | Google Cloud Blog
Russian government-backed group COLDRIVER is using LOSTKEYS malware to steal files and system information from NGOs and western targets.
cloud.google.com
May 7, 2025 at 2:14 PM
🚨 Heads up! 🚨 APT41 is using Google Calendar 🗓️ as their latest C2 trick. GTIG just pulled back the curtain 🎭 on the TOUGHPROGRESS malware campaign and how we shut it down 💪. Dive into the details here: 🚀 https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics
May 28, 2025 at 2:11 PM