x0rz
@x0rz.bsky.social
Cybersecurity & Threat Intelligence. Knowledge is power, France is bacon 🥓
Reposted by x0rz
AI assistants make widespread errors about the news, new research shows reut.rs/4qkIfvx
Leading AI assistants misrepresent news content in nearly half their responses, according to new research published on Wednesday by the European Broadcasting Union (EBU) and the BBC.
reut.rs
October 21, 2025 at 10:10 PM
Reposted by x0rz
Taiwan having to defend itself against both China AND Russia would be a tall order. www.washingtonpost.com/world/2025/0...
Russia is helping prepare China to attack Taiwan, documents suggest
Russia is using its battlefield experience to give Chinese airborne units the training and technical knowhow to carry out lightning-fast operations.
www.washingtonpost.com
September 26, 2025 at 6:59 PM
Reposted by x0rz
Dubai chocolate is a psyop
September 25, 2025 at 4:21 PM
Reposted by x0rz
1/ China’s cyber capabilities didn’t start top-down, they started with raw hacking talent. The new CSS/ETH report "Before Vegas" traces how informal talent shaped China’s cyber ecosystem, moving from online forums to industry leaders (link in thread).
July 21, 2025 at 8:12 AM
Reposted by x0rz
2/2 Russia at will. Although he claims to be apolitical, he denies responsibility for the crimes that are enabled by his platform. He loves to dish out advice to Western politicians, but hates paying taxes and prefers to live in a dictatorship. In short, he embodies the stereotypical Russian.
Telegram, the FSB, and the Man in the Middle
The technical infrastructure that underpins Telegram is controlled by a man whose companies have collaborated with Russian intelligence services. An investigation by IStories
istories.media
June 20, 2025 at 4:52 AM
Reposted by x0rz
Following long practice of US gov indicting Chinese/Russian state hackers for breaching US systems, China has named and issued warrants for 3 NSA workers it says were behind hacks of China systems during Asian Winter Games. Also says University of California and Virginia Tech participated in attacks
China accuses US of launching 'advanced' cyberattacks, names alleged NSA agents
Chinese police in the northeastern city of Harbin have accused the United States National Security Agency (NSA) of launching "advanced" cyberattacks during the Asian Winter Games in February, targeting essential industries.
www.reuters.com
April 15, 2025 at 12:54 PM
Reposted by x0rz
ESET disputes Microsoft's classification of the FamousSparrow APT as part of the Salt Typhoon group.

ESET believes the two APTs may be using a shared digital quartermaster (malware and tools developer).

www.welivesecurity.com/en/eset-rese...
You will always remember this as the day you finally caught FamousSparrow
ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor.
www.welivesecurity.com
March 27, 2025 at 11:46 AM
Reposted by x0rz
When the answer to "are you cheating on me?" is "who told you that?" and not "no"
If it’s fake, why would you be worried about it leaking?
March 21, 2025 at 5:04 PM
March 12, 2025 at 8:59 PM
Reposted by x0rz
Extraordinary comment from Tory MP Graham Stuart:

“We have to consider the possibility that President Trump is a Russian asset.
If so, Trump's acquisition is the crowning achievement of Putin's FSB career.”

(Narrator: It’s extraordinary because our own gd government didn’t say it first.)
March 4, 2025 at 2:53 PM
Reposted by x0rz
It shouldn’t take a panic over Chinese AI to remind people that most companies in the business set the terms for how they use your private data.

And when you use their AI apps, you’re doing work for them, not the other way round.
January 28, 2025 at 4:25 AM
Reposted by x0rz
being able to walk away from the internet, even via laptops was nice
IDK if it was WORSE just DIFFERENT

Also internet on our phones was a mistake.
January 28, 2025 at 4:19 AM
Reposted by x0rz
Ah yes. We're at the 'pUt It On ThE bLoCkChAiN' stage.
January 25, 2025 at 8:13 PM
Reposted by x0rz
It's like Ivanti. Every month is zero-day awareness month.
January 14, 2025 at 9:35 PM
I can never fully know if I already read this "Fortinet 0day in the wild" article 3 weeks ago or if it’s new. Ha, never mind! It’s new 🥲
Earlier: Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used

Now: Fortinet issues advisory and updates for 9.6/10 critical severity vulnerability, acknowledges active exploitation

See update: www.theregister.com/2025/01/14/m...
Snoops exploited Fortinet firewalls with 'probable' 0-day
Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg
www.theregister.com
January 14, 2025 at 9:14 PM
Reposted by x0rz
LeMonde investigation finds that members of a French nuclear-armed submarine crew inadvertently shared sensitive information about the patrol schedule of the ship via the Strava workout app: www.lemonde.fr/videos/artic...
StravaLeaks: patrol dates of French nuclear submarines revealed by the carelessness of crew members
Crew members of French submarines carrying nuclear weapons publicly share their sports activities through the Strava app, thereby inadvertently disclosing ...
www.lemonde.fr
January 13, 2025 at 6:01 PM
Reposted by x0rz
We're witnessing the evolution of ransomware.

Yesterday someone informed us of the existence of the new TTP of AWS S3 extortion. More specifically, Threat Actors abusing the Amazon Key Management Service (KMS) to encrypt company AWS buckets (or any cloud provider).
January 8, 2025 at 2:07 AM
Reposted by x0rz
incredibly detailed piece on Salt and Volt Typhoon (apparently named as if they're brothers)

"a cybersecurity vendor notices the activity and flags it to the port's cybersecurity chief, who examines it and decides it's a false alarm. He heads to lunch at Whataburger."

www.wsj.com/tech/cyberse...
How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons
Massive “Typhoon” cyberattacks on U.S. infrastructure and telecoms sought to lay the groundwork for potential conflict with Beijing, as intruders gathered data and got in position to impede response a...
www.wsj.com
January 5, 2025 at 8:16 PM
Reposted by x0rz
BREAKING: court finds NSO Group liable for #Pegasus hacking of #WhatsApp users.

Big win for spyware victims.

Big loss for NSO.

Bad time to be a spyware company.

Landmark case. Huge implications. 1/ 🧵
December 21, 2024 at 1:37 AM
Reposted by x0rz
This aspect of restructuring authority between NSA and USCYBERCOM in light of a dual-hat split is one I hadn’t considered before:
December 19, 2024 at 6:49 AM
Reposted by x0rz
I don’t normally get worked up about the naming threat actors thing.

But the Volt & Salt Typhoon is a disaster as it’s so hard for non-specialists to tell them apart:

- Salt is Snowden style espionage by China against US

- Volt is a direct 🇨🇳 military threat to degrade western infrastructure 1/2
December 12, 2024 at 8:47 PM
Reposted by x0rz
The US Treasury has sanctioned Sichuan Silence, the Chinese company that developed exploits against Sophos firewalls

home.treasury.gov/news/press-r...
December 10, 2024 at 4:45 PM
Reposted by x0rz
A simple experiment you can do is buy a server, set up a website with nothing on it, then look at the access logs. All day, every day, there are random systems just blasting vulnerabilities at every device on the internet. Analysts call it "background noise", executives call it "cyber attacks".
December 6, 2024 at 2:15 AM
Why the f*ck is my Windows trying to reach browser.events.data.msn[.]cn
November 30, 2024 at 9:45 AM