Allan “Ransomware Sommelier” Liska
@ransomwaresommelier.com
Recorded Future - Ransomware Researcher
Owner @greenarcher.io - Yours Truly, Johnny Dollar | The Press Guardian | The Clock | The Green Archer
Weird mix of security, comics, photography and wine!
www.greenarcher.io
Owner @greenarcher.io - Yours Truly, Johnny Dollar | The Press Guardian | The Clock | The Green Archer
Weird mix of security, comics, photography and wine!
www.greenarcher.io
Rather ironic that these stories broke at around the same time.
February 10, 2026 at 1:38 PM
Rather ironic that these stories broke at around the same time.
Would never ask you to verify your age
February 10, 2026 at 4:40 AM
Would never ask you to verify your age
This looks great! I broke my “no new books” moratorium to pre-order it. Hopefully, I’ll be caught up more by the time it arrives.
I don't have a publicist, therefore I am the publicist. New website for my forthcoming book. Please especially check out the Author Q&A at the end of the page (Why did i write the book? Who's it for?. Journos, pod-casters, museums can find my contact info & how to obtain a bound review copy. 1/
Book - Migration and the Origins of American Citizenship — Anna O. Law
www.annaolaw.com
February 9, 2026 at 4:29 PM
This looks great! I broke my “no new books” moratorium to pre-order it. Hopefully, I’ll be caught up more by the time it arrives.
Suspected sabotage disrupts trains in northern Italy as Winter Games begin
via @darynant.bsky.social & @therecordmedia.bsky.social
via @darynant.bsky.social & @therecordmedia.bsky.social
Suspected sabotage disrupts trains in northern Italy as Winter Games begin
Italian authorities are investigating a series of suspected sabotage attacks on railway infrastructure in northern Italy that disrupted travel services during the opening days of the Winter Olympics.
therecord.media
February 9, 2026 at 1:21 PM
Suspected sabotage disrupts trains in northern Italy as Winter Games begin
via @darynant.bsky.social & @therecordmedia.bsky.social
via @darynant.bsky.social & @therecordmedia.bsky.social
Congratulations 🎊!
But, how does one of the best news organizations on here not mention M.A.SH.’s Radar O’Reilly, Ottumwa Iowa’s most famous resident, in their ad?
You would have gotten so many new subscriptions!
But, how does one of the best news organizations on here not mention M.A.SH.’s Radar O’Reilly, Ottumwa Iowa’s most famous resident, in their ad?
You would have gotten so many new subscriptions!
February 9, 2026 at 2:42 AM
Congratulations 🎊!
But, how does one of the best news organizations on here not mention M.A.SH.’s Radar O’Reilly, Ottumwa Iowa’s most famous resident, in their ad?
You would have gotten so many new subscriptions!
But, how does one of the best news organizations on here not mention M.A.SH.’s Radar O’Reilly, Ottumwa Iowa’s most famous resident, in their ad?
You would have gotten so many new subscriptions!
Reposted by Allan “Ransomware Sommelier” Liska
The Green Blood group is holding Senegal's government for ransom.
It claims to have stolen 139TB of data from the country's Department for the Automation of Records (DAF), which holds extremely sensitive information on all the country's population.
gambiaj.com/senegals-fil...
It claims to have stolen 139TB of data from the country's Department for the Automation of Records (DAF), which holds extremely sensitive information on all the country's population.
gambiaj.com/senegals-fil...
February 8, 2026 at 3:40 PM
The Green Blood group is holding Senegal's government for ransom.
It claims to have stolen 139TB of data from the country's Department for the Automation of Records (DAF), which holds extremely sensitive information on all the country's population.
gambiaj.com/senegals-fil...
It claims to have stolen 139TB of data from the country's Department for the Automation of Records (DAF), which holds extremely sensitive information on all the country's population.
gambiaj.com/senegals-fil...
After getting through @ellereeve.bsky.social’s amazing but discouraging Black Pill I needed a palate cleanser.
What you are Looking for in the Library by Michiko Aoyama is sweet, touching and treats librarians like the superheroes they are.
What you are Looking for in the Library by Michiko Aoyama is sweet, touching and treats librarians like the superheroes they are.
February 8, 2026 at 3:20 PM
After getting through @ellereeve.bsky.social’s amazing but discouraging Black Pill I needed a palate cleanser.
What you are Looking for in the Library by Michiko Aoyama is sweet, touching and treats librarians like the superheroes they are.
What you are Looking for in the Library by Michiko Aoyama is sweet, touching and treats librarians like the superheroes they are.
I’ve said this before, but it bears repeating:
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
My newsletter this.weekinsecurity.com features all of the most important cybersecurity news, analysis, and reporting that you need to know so you can stay ahead. Plus, good news and a reader-submitted cyber-cat. No email link/open tracking!
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
Sign up (or RSS!) for your weekly dispatch. Out Sundays.
~this week in security~
a weekly cybersecurity newsletter by Zack Whittaker, plus articles and more.
this.weekinsecurity.com
February 7, 2026 at 2:30 PM
I’ve said this before, but it bears repeating:
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
@zackwhittaker.com’s newsletter is a must read! I spend my days knee-deep in the ransomware muck, but there are a bunch of other crimes happening.
This Week in Security provides an overview of everything & helps me cover my blind spots.
Plus 🐈 🐈⬛s!
I have a plan to help the NFL increase Pro Bowl viewership:
World’s Tallest Dunk Tank!
Build a dunk tank between the goal posts, put a quarterback in it and the kicker from the rival team has 3 kicks to dunk him!
@amandagodsey.bsky.social & @minakimes.bsky.social can you talk to the NFL for me?
World’s Tallest Dunk Tank!
Build a dunk tank between the goal posts, put a quarterback in it and the kicker from the rival team has 3 kicks to dunk him!
@amandagodsey.bsky.social & @minakimes.bsky.social can you talk to the NFL for me?
a man throws a ball in front of a konas 2002 banner
ALT: a man throws a ball in front of a konas 2002 banner
media.tenor.com
February 7, 2026 at 2:18 PM
I have a plan to help the NFL increase Pro Bowl viewership:
World’s Tallest Dunk Tank!
Build a dunk tank between the goal posts, put a quarterback in it and the kicker from the rival team has 3 kicks to dunk him!
@amandagodsey.bsky.social & @minakimes.bsky.social can you talk to the NFL for me?
World’s Tallest Dunk Tank!
Build a dunk tank between the goal posts, put a quarterback in it and the kicker from the rival team has 3 kicks to dunk him!
@amandagodsey.bsky.social & @minakimes.bsky.social can you talk to the NFL for me?
Substack warns customers of data breach following hacker’s dark web claims
via @jgreig.bsky.social & @therecordmedia.bsky.social
via @jgreig.bsky.social & @therecordmedia.bsky.social
Substack warns customers of data breach following hacker’s dark web claims
Customers of the newsletter platform Substack were notified on Wednesday of a breach, following a hacker's claims on the dark web of a trove of stolen data.
therecord.media
February 6, 2026 at 2:39 PM
Substack warns customers of data breach following hacker’s dark web claims
via @jgreig.bsky.social & @therecordmedia.bsky.social
via @jgreig.bsky.social & @therecordmedia.bsky.social
Reposted by Allan “Ransomware Sommelier” Liska
New: Norway’s domestic security agency's has disclosed that the Chinese state-sponsored espionage campaign tracked as Salt Typhoon compromised network devices in Norwegian organizations.
Norwegian intelligence discloses country hit by Salt Typhoon campaign
The assessment said Chinese security and intelligence services have strengthened their ability to operate in Norway, including through cyber operations and human intelligence collection.
therecord.media
February 6, 2026 at 2:12 PM
New: Norway’s domestic security agency's has disclosed that the Chinese state-sponsored espionage campaign tracked as Salt Typhoon compromised network devices in Norwegian organizations.
Russian hackers attacking European maritime and transport orgs using Microsoft Office exploit
via @darynant.bsky.social & @therecordmedia.bsky.social
via @darynant.bsky.social & @therecordmedia.bsky.social
Russian hackers targeting European maritime and transport orgs using Microsoft Office exploit
Russian state-linked hackers are exploiting a Microsoft Office vulnerability to target maritime organizations across Europe as part of a “sophisticated espionage campaign," researchers said.
therecord.media
February 6, 2026 at 2:21 AM
Russian hackers attacking European maritime and transport orgs using Microsoft Office exploit
via @darynant.bsky.social & @therecordmedia.bsky.social
via @darynant.bsky.social & @therecordmedia.bsky.social
Reposted by Allan “Ransomware Sommelier” Liska
The conditions are absolutely ripe for cyberattacks on the Winter Games. In addition to historic precedent like Sandworm’s attempted disruption of the Pyeongchang opening ceremonies, Russian sabotage and cyberattack in Europe right now is reaching fever pitch. 1/x
February 5, 2026 at 1:01 PM
The conditions are absolutely ripe for cyberattacks on the Winter Games. In addition to historic precedent like Sandworm’s attempted disruption of the Pyeongchang opening ceremonies, Russian sabotage and cyberattack in Europe right now is reaching fever pitch. 1/x
Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU
via @darynant.bsky.social & @therecordmedia.bsky.social
via @darynant.bsky.social & @therecordmedia.bsky.social
Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU
Ukraine’s computer emergency response team, CERT-UA, said attackers began abusing the flaw — tracked as CVE-2026-21509 — shortly after Microsoft disclosed it in early January.
therecord.media
February 5, 2026 at 12:33 PM
Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU
via @darynant.bsky.social & @therecordmedia.bsky.social
via @darynant.bsky.social & @therecordmedia.bsky.social
Anyone who carries out a ransomware attack is a piece of shit. But the absolute worst are ones that are sanctimonious pieces of shit.
Quick Reminder: YOU ARE THE FUCKING BAD GUYS. Don’t get all pissy when people don’t want to pay you, you whining simps.
Quick Reminder: YOU ARE THE FUCKING BAD GUYS. Don’t get all pissy when people don’t want to pay you, you whining simps.
February 4, 2026 at 8:54 PM
Anyone who carries out a ransomware attack is a piece of shit. But the absolute worst are ones that are sanctimonious pieces of shit.
Quick Reminder: YOU ARE THE FUCKING BAD GUYS. Don’t get all pissy when people don’t want to pay you, you whining simps.
Quick Reminder: YOU ARE THE FUCKING BAD GUYS. Don’t get all pissy when people don’t want to pay you, you whining simps.
Reposted by Allan “Ransomware Sommelier” Liska
Coveware released an article detailing why zero-day downstream mass data extortion campaigns are losing their bite.
Read more below:
www.coveware.com/blog/2026/2/...
#cybersecurity
@andyjabbour.bsky.social
Read more below:
www.coveware.com/blog/2026/2/...
#cybersecurity
@andyjabbour.bsky.social
Mass Data Exfiltration Campaigns Lose Their Edge in Q4 2025
Are we seeing the extinction of mass data exfiltration campaigns? The stats demonstrate these attacks are losing their efficacy.
www.coveware.com
February 4, 2026 at 4:37 PM
Coveware released an article detailing why zero-day downstream mass data extortion campaigns are losing their bite.
Read more below:
www.coveware.com/blog/2026/2/...
#cybersecurity
@andyjabbour.bsky.social
Read more below:
www.coveware.com/blog/2026/2/...
#cybersecurity
@andyjabbour.bsky.social
I have to say, comic con badge ribbons are WAAAAYYY more fun than Security Con badge ribbons.
Though, if @hultquist.bsky.social doesn’t object, I may try to come up with some fun ones to hand out at @sleuthcon.bsky.social.
Though, if @hultquist.bsky.social doesn’t object, I may try to come up with some fun ones to hand out at @sleuthcon.bsky.social.
Good news! Found a new vendor and got the Nazi fighting ribbon approved.
So, if you are going to be at @awesomecon.bsky.social please stop by and pick up one of our very limited number of ribbons!
So, if you are going to be at @awesomecon.bsky.social please stop by and pick up one of our very limited number of ribbons!
February 4, 2026 at 4:55 PM
I have to say, comic con badge ribbons are WAAAAYYY more fun than Security Con badge ribbons.
Though, if @hultquist.bsky.social doesn’t object, I may try to come up with some fun ones to hand out at @sleuthcon.bsky.social.
Though, if @hultquist.bsky.social doesn’t object, I may try to come up with some fun ones to hand out at @sleuthcon.bsky.social.
If you are using Notepad++ their update infrastructure appears to have been compromised for months.
The Notepad++ supply chain attack – unnoticed execution chains and new IoCs
Kaspersky GReAT experts discovered previously undocumented infection chains used in the Notepad++ supply chain attacks. The article provides new IoCs related to those incidents which employ DLL sidelo...
securelist.com
February 3, 2026 at 2:25 PM
If you are using Notepad++ their update infrastructure appears to have been compromised for months.
Ahhh yes, ransomware groups being complete pieces of shit. And the beat goes on…
Via @alexmartin.bsky.social & @therecordmedia.bsky.social
Via @alexmartin.bsky.social & @therecordmedia.bsky.social
Hackers attempt to extort parents after school refuses to pay ransom fee
The attackers are believed to have gained access to the internal networks of OLV Pulhof, a secondary school in the Berchem district of Antwerp, shortly after the Christmas break.
therecord.media
February 3, 2026 at 2:07 PM
Ahhh yes, ransomware groups being complete pieces of shit. And the beat goes on…
Via @alexmartin.bsky.social & @therecordmedia.bsky.social
Via @alexmartin.bsky.social & @therecordmedia.bsky.social
This is absolutely true! My wife and I LOVED going to events at the Kennedy Center. Other than the lack of Metro access, it really is beautiful.
I guess this might not be obvious to folks who aren’t in DC/regular attendees, but: The KC is a gorgeous venue. It is not run down, and certainly is not remotely in need of the kind of complete renovation that would require shutting it down for two years.
February 3, 2026 at 4:59 AM
This is absolutely true! My wife and I LOVED going to events at the Kennedy Center. Other than the lack of Metro access, it really is beautiful.
With our kitchen remodel taking up all of November and December and our house being a wreck, I couldn’t enjoy my favorite winter break downtime fun:
Doing a puzzle…
Fortunately, a quiet weekend meant I couldn’t enjoy relax and focus.
Doing a puzzle…
Fortunately, a quiet weekend meant I couldn’t enjoy relax and focus.
February 2, 2026 at 11:22 PM
With our kitchen remodel taking up all of November and December and our house being a wreck, I couldn’t enjoy my favorite winter break downtime fun:
Doing a puzzle…
Fortunately, a quiet weekend meant I couldn’t enjoy relax and focus.
Doing a puzzle…
Fortunately, a quiet weekend meant I couldn’t enjoy relax and focus.
Love this week’s episode of @smashingsecurity.com!
@joetidy.bsky.social’s book is amazing, definitely pick it up now that it’s available in the US.
And, @grahamcluley.com, you know I love you, but if you need an arch-nemesis I’m your huckleberry!
@joetidy.bsky.social’s book is amazing, definitely pick it up now that it’s available in the US.
And, @grahamcluley.com, you know I love you, but if you need an arch-nemesis I’m your huckleberry!
The dark web's worst assassins, and Pegasus in the dock
Podcast Episode · Smashing Security · 01/29/2026 · 41m
podcasts.apple.com
January 31, 2026 at 9:24 PM
Love this week’s episode of @smashingsecurity.com!
@joetidy.bsky.social’s book is amazing, definitely pick it up now that it’s available in the US.
And, @grahamcluley.com, you know I love you, but if you need an arch-nemesis I’m your huckleberry!
@joetidy.bsky.social’s book is amazing, definitely pick it up now that it’s available in the US.
And, @grahamcluley.com, you know I love you, but if you need an arch-nemesis I’m your huckleberry!