Ray Canzanese
@canzanese.com
Director of Netskope Threat Labs
Resident of Philadelphia
Graduate of Drexel University
#cybersecurity #infosec
Post mostly about cybersecurity stuff.
Resident of Philadelphia
Graduate of Drexel University
#cybersecurity #infosec
Post mostly about cybersecurity stuff.
Netskope Threat Labs' newest member is Vini Egerland! I look forward to sharing some of the awesome projects Vini is cooking up in the near future!
November 12, 2025 at 5:11 PM
Netskope Threat Labs' newest member is Vini Egerland! I look forward to sharing some of the awesome projects Vini is cooking up in the near future!
TRUMP NATIONAL COMMITTEE JFC is spaming texts urging recipients to fill out the census. This is not the census, it is a pretext to trick victims into recurring donations. Initial link is to us-25[.]net, which redirects to winred[.]com, complete with dark patterns, emotion, and urgency.
October 9, 2025 at 7:04 PM
TRUMP NATIONAL COMMITTEE JFC is spaming texts urging recipients to fill out the census. This is not the census, it is a pretext to trick victims into recurring donations. Initial link is to us-25[.]net, which redirects to winred[.]com, complete with dark patterns, emotion, and urgency.
The Netskope Threat Labs team is #hiring experienced researchers in Brazil, Spain, and Portugal! The team is a fully remote team focused on innovation and thought leadership, researching problems including supply chain security, AI security, and command and control.
www.netskope.com/company/care...
www.netskope.com/company/care...
September 25, 2025 at 8:31 PM
The Netskope Threat Labs team is #hiring experienced researchers in Brazil, Spain, and Portugal! The team is a fully remote team focused on innovation and thought leadership, researching problems including supply chain security, AI security, and command and control.
www.netskope.com/company/care...
www.netskope.com/company/care...
GitHub status is green, but I'm getting the uniorn. Is it just me?
September 25, 2025 at 3:59 PM
GitHub status is green, but I'm getting the uniorn. Is it just me?
$NTSK is officially trading! I've been here for 7 years, and at my previous company (acquired by Netskope) for another 3 -- 10 years spent building products, enabling the field, and ultimately building a research team that I am extremely proud of! netskope.com/threat-labs
September 18, 2025 at 5:17 PM
$NTSK is officially trading! I've been here for 7 years, and at my previous company (acquired by Netskope) for another 3 -- 10 years spent building products, enabling the field, and ultimately building a research team that I am extremely proud of! netskope.com/threat-labs
In honor of Steven Crowe, who passed away after a brutal battle with acute myeloid leukemia, we fund groundbreaking research. Thanks to your past support, two projects are making a huge impact! Please join us in continuing this life-saving work.
give.curesearch.org/fundraiser/6...
give.curesearch.org/fundraiser/6...
September 11, 2025 at 5:28 PM
In honor of Steven Crowe, who passed away after a brutal battle with acute myeloid leukemia, we fund groundbreaking research. Thanks to your past support, two projects are making a huge impact! Please join us in continuing this life-saving work.
give.curesearch.org/fundraiser/6...
give.curesearch.org/fundraiser/6...
I'm hiring a fully remote threat research position for Netskope Threat Labs and will be in Vegas for BlackHat next week. Please DM me if you are interested in the role and want to meet up in person. I have positions open in Brazil and Spain.
July 29, 2025 at 5:33 PM
I'm hiring a fully remote threat research position for Netskope Threat Labs and will be in Vegas for BlackHat next week. Please DM me if you are interested in the role and want to meet up in person. I have positions open in Brazil and Spain.
@defcon.bsky.social Red Team Village schedule hot off the presses. Netskope Threat Labs' own Hubert Lin will be running his reverse port knocking workshop Saturday morning at 11! Hope to see you there.
www.netskope.com/netskope-thr...
www.netskope.com/netskope-thr...
July 14, 2025 at 3:25 PM
@defcon.bsky.social Red Team Village schedule hot off the presses. Netskope Threat Labs' own Hubert Lin will be running his reverse port knocking workshop Saturday morning at 11! Hope to see you there.
www.netskope.com/netskope-thr...
www.netskope.com/netskope-thr...
Weird spam email this morning. No links. No images. Just some text. Is this some kind of bizarre marketing campaign?
July 10, 2025 at 4:45 PM
Weird spam email this morning. No links. No images. Just some text. Is this some kind of bizarre marketing campaign?
Fake DeepSeek installers are delivering the Sainbox RAT and Hidden rootkit. Our latest blog details how this campaign, attributed to the Silver Fox group, works. #malware #RAT #rootkit #infosec
www.netskope.com/blog/deepsee...
www.netskope.com/blog/deepsee...
June 26, 2025 at 4:26 PM
Fake DeepSeek installers are delivering the Sainbox RAT and Hidden rootkit. Our latest blog details how this campaign, attributed to the Silver Fox group, works. #malware #RAT #rootkit #infosec
www.netskope.com/blog/deepsee...
www.netskope.com/blog/deepsee...
Does your security stack protect you against the latest generation of fake CAPTCHAs that evade browser-based defenses by tricking the victim into downloading the payload using the RUN dialog in Windows to download LegionLoader, LummaStealer, and more... www.netskope.com/blog/lumma-s....
June 17, 2025 at 4:26 PM
Does your security stack protect you against the latest generation of fake CAPTCHAs that evade browser-based defenses by tricking the victim into downloading the payload using the RUN dialog in Windows to download LegionLoader, LummaStealer, and more... www.netskope.com/blog/lumma-s....
I received what I was certain was an iCloud phishing email this morning, but after 6 total redirects, it turns out it was actually just really scammy marketing for Total Drive. I assume that the name is short-hand for "I totally shouldn't trust this company with any of my data."
June 12, 2025 at 3:51 PM
I received what I was certain was an iCloud phishing email this morning, but after 6 total redirects, it turns out it was actually just really scammy marketing for Total Drive. I assume that the name is short-hand for "I totally shouldn't trust this company with any of my data."
29% of Netskope customers have completely blocked Elon Musks's Grok AI and 61% have controls to limit its use. What is your strategy? #genai #infosec www.netskope.com/blog/to-grok...
June 10, 2025 at 1:31 PM
29% of Netskope customers have completely blocked Elon Musks's Grok AI and 61% have controls to limit its use. What is your strategy? #genai #infosec www.netskope.com/blog/to-grok...
These E-ZPass #phishing emails are never-ending. This one wasn't as well-targeted (wrong state and one that I rarely drive through). Site required a key (included in phishing link I was sent) and a mobile browser user-agent string. hjyu[.]husndbuhdfytoef[.]cfd
May 13, 2025 at 9:09 PM
These E-ZPass #phishing emails are never-ending. This one wasn't as well-targeted (wrong state and one that I rarely drive through). Site required a key (included in phishing link I was sent) and a mobile browser user-agent string. hjyu[.]husndbuhdfytoef[.]cfd
Mimecast flagged this photo of me during the AI panel at Secure World Philadelphia as "Possible Pornographic Image (90% probability)". I guess my takes were too hot. I'll tone it down next time.
April 25, 2025 at 6:29 PM
Mimecast flagged this photo of me during the AI panel at Secure World Philadelphia as "Possible Pornographic Image (90% probability)". I guess my takes were too hot. I'll tone it down next time.
Missed opportunity for "Make cryptocurrency fraud great again" as a subject line.
www.justice.gov/dag/media/13...
www.justice.gov/dag/media/13...
April 9, 2025 at 8:53 PM
Missed opportunity for "Make cryptocurrency fraud great again" as a subject line.
www.justice.gov/dag/media/13...
www.justice.gov/dag/media/13...
Leandro breaks down a new sample of the Elysium ransomware used by Ghost/Cring/Crypt3r d1c5e7b8e937625891707f8b4b594314
March 20, 2025 at 2:36 AM
Leandro breaks down a new sample of the Elysium ransomware used by Ghost/Cring/Crypt3r d1c5e7b8e937625891707f8b4b594314
Financial services report released by Netskope Threat Labs. Explore the latest data on genAI, personal app risks, and social engineering threats in the financial services sector. #Cybersecurity #Finance #infosec #Netskope
www.netskope.com/netskope-thr...
www.netskope.com/netskope-thr...
March 10, 2025 at 3:52 PM
Financial services report released by Netskope Threat Labs. Explore the latest data on genAI, personal app risks, and social engineering threats in the financial services sector. #Cybersecurity #Finance #infosec #Netskope
www.netskope.com/netskope-thr...
www.netskope.com/netskope-thr...
Analysis of a new Golang backdoor that abuses Telegram for C2.
#malware #backdoor
f84ca2a61f648542f970e7120de116d2
www.netskope.com/blog/telegra...
#malware #backdoor
f84ca2a61f648542f970e7120de116d2
www.netskope.com/blog/telegra...
February 18, 2025 at 4:47 PM
Analysis of a new Golang backdoor that abuses Telegram for C2.
#malware #backdoor
f84ca2a61f648542f970e7120de116d2
www.netskope.com/blog/telegra...
#malware #backdoor
f84ca2a61f648542f970e7120de116d2
www.netskope.com/blog/telegra...