Drum Cult
drumcult.bsky.social
Everyone starts from point one

Shahanshah of DFIR
Reposted by Drum Cult
Our latest investigation…
‼️ Hidden Bear: The GRU hackers of Russia's most notorious kill squad

As The Insider discovered, Unit 29155, the Kremlin’s most notorious black ops squad, also fielded a team of hackers that tried to destabilize Ukraine before Russia’s full-scale invasion.
Hidden Bear: The GRU hackers of Russia’s most notorious kill squad
Russian GRU Unit 29155 is best known for its long list of murder and sabotage ops, which include the Salisbury poisonings in England, arms depot explosions in Czechia, and an attempted coup d’etat in ...
theins.press
May 31, 2025 at 9:13 PM
We published some cool adversary tradecraft in a blog here: cybercx.com.au/blog/keys-to... (there's also a TLP CLEAR advisory floating around).

MX hijacking is brutal - and bypasses all your enterprise controls.
Keys to the (SaaS) kingdom
During an investigation CyberCX became aware of a campaign consisting of multiple incidents associated with the same threat actor utilising domain registration hijacking to target financial technology...
cybercx.com.au
May 29, 2025 at 8:13 AM
Reposted by Drum Cult
The most interesting bit here is that the best Western gov cyber outfits overhauled their operational approach after the mid-10s to focus more on avoiding detection.

The era of the "factory ops" was too risky with the rise of threat intel.

Harder to reliably spot 2025's Regin, Careto, Flame, etc
NEW: More than a decade ago, Kaspersky discovered a mysterious "elite" hacking group it called Careto (aka “The Mask”), which then vanished and only resurfaced last year.

We can now reveal that the researchers who investigated it were confident that the Spanish government was behind it.
Mysterious hacking group Careto was run by the Spanish government, sources say | TechCrunch
The elusive hacking group Careto was never publicly linked to a specific government, but TechCrunch has learned researchers concluded privately that the Spanish government was behind the group.
techcrunch.com
May 26, 2025 at 7:55 AM
Reposted by Drum Cult
Still wondering… Why does Zoom have offices? 🤔😇😎
May 25, 2025 at 5:23 PM
Reposted by Drum Cult
Sensitive information about women and girls who have survived domestic abuse is now expected to be exposed through a data extortion incident impacting the British government’s Legal Aid Agency, potentially revealing their locations to abusers and in some cases requiring them to move homes.
‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential refuge addresses
A data extortion incident impacting the British government’s Legal Aid Agency could have serious implications for vulnerable people.
therecord.media
May 21, 2025 at 3:10 PM
Reposted by Drum Cult
In a rare bit of good news for everyone, the number of new podcasts being created is going down. on.ft.com/4ihZp86 Presumably because everyone already has one
April 12, 2025 at 7:26 AM
Reposted by Drum Cult
So the reason Norfolk Island copped a dramatically higher tariff than the rest of Australia is two shipments of Timberland boots from the Bahamas and some aquarium supplies from the UK that had their point of origin mislabeled or misrecorded.

www.theguardian.com/australia-ne...
April 4, 2025 at 3:53 AM
Reposted by Drum Cult
Real men don’t barricade women and children. Real men don’t threaten and intimidate. Real men don’t preach hate. Real men DO show respect, compassion & love. Real men are comfortable enough in who they are to celebrate the diversity of others. Brian Tamaki you are just a boy.
February 15, 2025 at 8:38 AM
Great to see our little report covered by @patrick.risky.biz and @metlstorm.risky.biz 💪
This week's show is up!

We talk about a DOGE staffer's links to The Com, Paragon firing Italy as a spyware customer and Thailand cutting power to scam compounds.

Then we do a deep dive on a terrific threat/DFIR report from CyberCX.

Video: www.youtube.com/watch?v=4bzL...

Audio: risky.biz/RB779/
Risky Business Weekly (779): DOGE staffer linked to The Com
YouTube video by Risky Business Media
www.youtube.com
February 14, 2025 at 9:47 PM
Reposted by Drum Cult
EXCLUSIVE: A potentially catastrophic ransomware attack on Costa Rica’s largest oil refinery last year was the first real-world test of the U.S. State Department’s new rapid response tool for cybersecurity incidents.

Only on @therecordmedia.bsky.social

therecord.media/state-depart...
Costa Rica refinery cyberattack was first deployment for new US response program, ambassador says
A recent ransomware attack on RECOPE, Costa Rica's state-run energy company, was the first real-world test for FALCON, a new State Department program for foreign incident response, a top diplomat tell...
therecord.media
January 17, 2025 at 6:40 PM
Reposted by Drum Cult
I sincerely hope that any Americans pining for Chinese social media because American social media is so repressive and censorious, or pining for the experience of an average person in China because average Americans are so poor, beaten down, and despairing never have to experience why they're wrong.
January 15, 2025 at 7:13 PM
Reposted by Drum Cult
WHOVILLE, Libya (Reuters) - The Grinch, and his loyalist bodyguard Max, broke out of the two-month siege of Mt. Crumpit. Once his convoy was hit by SANTA aircraft, the Grinch was captured and killed by pursuing Whoville units.
December 24, 2024 at 10:55 PM
Reposted by Drum Cult
Bashar al-Assad, the London Ophthalmologist?
December 8, 2024 at 6:42 AM
Reposted by Drum Cult
for whom the doom scrolls
December 3, 2024 at 5:08 AM
Reposted by Drum Cult
CTI is the cause of my brainrot but I really cooked on this #salttyphoon #telecomhack
November 26, 2024 at 10:18 PM
Reposted by Drum Cult
A quick update to say that I’ll be posting all my content to Milf Messenger which is crucially not an echo chamber and is *actually* the place where free speech, spirited debate, and the marketplace of ideas thrives
Bluesky is number 1.
November 17, 2024 at 12:01 PM
Reposted by Drum Cult
If Batman was a Santa, would he wear his hat like this, or like this
November 25, 2023 at 12:32 AM