Cybercrustacean
@cybercrustacean.bsky.social
USAF Retired, Cybersecurity/Technologist--retired. On sabbatical for now.
Reposted by Cybercrustacean
The two groups that took credit for the cyberattack say it was the result of a yearlong operation that penetrated Aeroflot's network, destroyed 7,000 servers, and gained control over the personal computers of the company's employees.
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
State-owned Aeroflot cancels dozens of flights, stranding travelers throughout Russia.
arstechnica.com
July 28, 2025 at 8:31 PM
Reposted by Cybercrustacean
The U.S. Pond Hockey Championships on Lake Nokomis started today! With 2,700 players from around the world participating, it should be an incredible week of epic outdoor hockey.
www.cbsnews.com/minnesota/ne...
Organizers for U.S. Pond Hockey Championships say ice conditions ideal after event cut short last year
After unusually warm winter weather cut the event short last year, organizers for the U.S. Pond Hockey Championships say ice conditions are some of the best they've seen in years.
www.cbsnews.com
January 23, 2025 at 12:39 AM
Reposted by Cybercrustacean
As recently as last year, social engineering for initial access was primarily confined to western based ransomware groups (LAPSUS & Scattered Spider). That is no longer the case.

via @alexmartin.bsky.social & @therecordmedia.bsky.social
Russian ransomware hackers increasingly posing as tech support on Microsoft Teams
Researchers at Sophos say they have seen more than 15 incidents in which two separate groups used Microsoft Office 365’s default service settings to socially engineer their way onto a victim’s system.
therecord.media
January 21, 2025 at 1:25 PM
-23 Fahrenheit on the lakes today. Sun dogs and ice fisherman on Detroit Lakes, MN.
January 20, 2025 at 4:41 PM
Reposted by Cybercrustacean
😏
January 18, 2025 at 12:40 PM
Reposted by Cybercrustacean
A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals.
Hackers leak configs and VPN credentials for 15,000 FortiGate devices
www.bleepingcomputer.com
January 16, 2025 at 2:57 AM
Reposted by Cybercrustacean
Some data breaches include novel information about us, are the result of particularly noteworthy security flaws, or are just so massive they’re impossible to ignore. Here’s EFF’s list of some of the most egregious data breaches of 2024.
The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year
Privacy isn’t dead. While some information about you is almost certainly out there, that’s no reason for despair. In fact, it’s a good reason to take action.
www.eff.org
January 12, 2025 at 5:04 PM
Reposted by Cybercrustacean
Want to see what permissions a GCP service account has? This guide walks through using the `testIamPermissions` method to enumerate access. All you need is a service account key or token. Check out the Python script that simplifies the process.
Enumerate Service Account Permissions - Hacking The Cloud
Brute force the permissions of a service account to see what you have access to.
buff.ly
January 9, 2025 at 3:00 PM
Reposted by Cybercrustacean
I've been reading up on NAT traversal and how STUN and similar protocols work.

Very useful if you are interested in C2 or data exfiltration.

tailscale.com/blog/how-nat...

community.cisco.com/t5/collabora...
January 9, 2025 at 10:51 AM
Truth
Chesterton's Fence is something far too few people (especially those in security) are familiar with.
Second order thinking is important, something, something...
January 2, 2025 at 9:56 PM
Reposted by Cybercrustacean
“A Complete Unknown” is now out and I really liked it. A must-see for anyone who (a) loves Bob Dylan’s music and his story, (b) is from MN (as Dylan grew up in Hibbing), and (c) wants to see some fantastic performances by Timothée Chalamet actor and cast…
December 27, 2024 at 8:34 PM
Reposted by Cybercrustacean
A story about my Christmas obsession!

www.theregister.com/2024/12/25/j...
Former NSA cyberspy's not-so-secret hobby – Xmas light hacks
Rob Joyce explains how it's done
www.theregister.com
December 25, 2024 at 9:26 PM
Reposted by Cybercrustacean
Merry Christmas and Happy Hanukkah, the first public release of #ghostty is here! ghostty.org
Ghostty
Ghostty is a fast, feature-rich, and cross-platform terminal emulator that uses platform-native UI and GPU acceleration.
ghostty.org
December 26, 2024 at 8:27 PM
Reposted by Cybercrustacean
This channel is so great. Watch for a history of #ethernet #networking and why most of us are using twisted-pair cables with RJ-45 connectors.
TWISTED: The dramatic history of twisted-pair Ethernet
YouTube video by The Serial Port
youtu.be
December 26, 2024 at 7:52 PM
Reposted by Cybercrustacean
162 years ago, 38 Dakota men were hung in the largest mass execution in our nation’s history.

The sacrifice of these riders reminds us to recommit to accountability and healing for the Dakota people.

www.mprnews.org/story/2024/1...
Pain, hope, history share the ride as Dakota Exiles commemorate Mankato hangings
A nearly 300-mile journey ends in Mankato this week to mark the 161st anniversary of one of the grimmest chapters in Dakota history, the hanging of 38 men after the U.S.- Dakota War. Riders hope their...
www.mprnews.org
December 26, 2024 at 4:07 PM
Reposted by Cybercrustacean
Security firm Spur has released a list of 2,400 IP addresses linked to Astrill, a VPN service often used by North Korean IT workers to hide their location

spur.us/astrill-vpn-...
Astrill VPN and Remote Worker Fraud - Spur
In our ongoing efforts to help organizations protect against fraud and abuse, we're excited to announce the free release of a comprehensive list of IP
spur.us
December 26, 2024 at 4:09 PM
Reposted by Cybercrustacean
This may be useful as a starting point for a word list, but remember that the methodology does not and cannot remove intentionally vulnerable targets. The best use of this list is likely as a starting point for your own honeypot.

nordpass.com/most-co...
Top 200 Most Common Passwords
NordPass presents the 6th annual list of the 200 most common passwords. Discover the most common passwords used worldwide in both personal and corporate settings.
nordpass.com
December 26, 2024 at 3:00 PM
Reposted by Cybercrustacean
I’m shocked, shocked I tell you, that North Korea is behind the largest cryptocurrency theft of 2024.

via @therecordmedia.bsky.social & @jgreig.bsky.social
FBI attributes largest crypto hack of 2024 to North Korea’s TraderTraitor
The biggest crypto heist of 2024 was conducted by seasoned cybercriminals working on behalf of North Korea’s government, according to the FBI.
therecord.media
December 26, 2024 at 2:26 PM
Reposted by Cybercrustacean
The US state of Ohio has warned state employees that they might be held personally liable if they fall to online email scams

athensindependent.com/auditor-issu...
December 26, 2024 at 12:36 PM
Reposted by Cybercrustacean
Based on interviews with NCA investigators, this is the story of how pulling at the thread of a ransomware group’s extortion funds ended up unravelling a Russian money-laundering network used by drug traffickers, cybercriminals, elites evading sanctions and even the Kremlin’s espionage operations.
Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing
U.K. investigators tell the story of how examining a cybercrime group's extortion funds helped to unravel a money-laundering network reaching from the illegal drug trade to Moscow's elite.
therecord.media
December 23, 2024 at 8:31 AM
Reposted by Cybercrustacean
www.popsci.com/technology/f...

Misinformation alert 🚨
People keep falling for fake 'drones over Jersey' videos
It's never been easier to make AI-generated spoofs.
www.popsci.com
December 23, 2024 at 11:22 PM
Reposted by Cybercrustacean
NIST Quantum Standards: Security Experts Talk Hurdles (I'm in article)

cybermagazine.com/articles/rac...
NIST Quantum Standards: Security Experts Talk Hurdles
As NIST's post-quantum standards roll out, tech firms are scrambling to future-proof their encryption, yet issues, both internally and externally persist
cybermagazine.com
December 20, 2024 at 1:06 PM
Reposted by Cybercrustacean
For the next installment in his malware blog series, Principal Security Consultant Scott Nusbaum walks us through using shared memory sections to inject and execute code in a remote process. Read it now! trustedsec.com/blog/malware...
Malware Series: Process Injection Mapped Sections
trustedsec.com
December 20, 2024 at 6:12 PM