Jeremy Kirk
@jkirk.bsky.social
Threat intel @ Intel 471 (@intel471.bsky.social). Personal account. Interests: Cybercrime, cyber threat intelligence, OSINT, data breaches, photography. Also produce Intel 471's "Cybercrime Exposed" podcast. #Australia
Anthropic's AI cyberespionage report feels as odd as the last one. Just 13 pages, it has none of the traditional components of a usual threat intel report (IoCs, payload hashes, etc.) and it seems to bury the lead re: technical sophistication. I wonder if a target will come forward. #infosec
November 14, 2025 at 7:40 AM
Famed Russian spy hunter Christo Grozev claimed on this podcast four months ago that North Korea hacked the Democratic National Committee in 2016 and passed the info to Russia, which in exchange divulged access to Bangladesh Bank. 🤔 #infosec Passage at 13m 31s:
www.youtube.com/watch?v=dimh...
November 6, 2025 at 9:11 PM
Accused ALPHV/BlackCat ransomware affiliate Ryan Goldberg made US$214,000 a year working in incident response for Sygnia but told the FBI he was in debt as the reason for getting involved in ransomware, according to court documents. He initially denied involvement in the attacks. #infosec
November 5, 2025 at 11:09 PM
Winnie wanted to lay on the keyboard so I guess this is the second-best position. 😀
November 3, 2025 at 11:30 PM
A new episode of @intel471.bsky.social's Cybercrime Exposed podcast is out! DukeEugene is a Russian Android malware dev who has a big problem, and he puts everything on the line to solve it. Link to pod here: www.intel471.com/resources/po...
August 20, 2025 at 3:10 AM
@campuscodi.risky.biz Coming off the SharePoint flaw mess, I found this line in the Risky Bulletin hilarious 🤣.
July 25, 2025 at 5:32 AM
R.I.P Ozzy.
July 22, 2025 at 10:14 PM
Aldi is selling 50-gram packets of "hand picked" dried mixed forest mushrooms this week if anyone is interested, mmmmm? #Australia
July 17, 2025 at 8:26 AM
I seem to have escaped the worst from the Qantas breach -- no phone number, email or physical address was leaked, just name, frequent flyer number and tier. #infosec #australia
July 9, 2025 at 3:17 AM
Kai Logan West (aka Kyle Northern) has been ID'd as IntelBroker, one of the owners of BreachForum and a prolific actor who breached dozens of organizations. Undercover officers bought data from him and tied a supplied BTC address to Ramp and Coinbase accounts in his real name. #infosec
June 25, 2025 at 10:46 PM
This is the first time I've seen privacy used as a marketing argument for eyeglasses. Is Zenni's claim accurate? Does deflecting infrared light foil facial recognition/AI-based tracking? #infosec
June 21, 2025 at 9:20 AM
Call me old school but I think it was Mt. Gox rather than Coinbase that deserves this title. #infosec
May 16, 2025 at 1:33 AM
Winnie Pickle is one year old today! 🎂
May 14, 2025 at 1:44 AM
The marketing around TeleMessage Signal Archiver (TM SGNL) is misleading as to its security risks, particularly for people who don't understand this area. The screenshotted quote occurs in this video from Smarsh around 1.38s. #infosec www.youtube.com/watch?v=roY2...
May 5, 2025 at 12:07 AM
The end of the story contains questionable testimonials, one of which includes this screenshot purportedly from an ANZ bank account. Other people claim to get checks, which is bizarre for an Aussie audience. (5/6)
March 12, 2025 at 3:58 AM
The next step is registering on a web-based form upon which an operator will call the person back. (4/6)
March 12, 2025 at 3:58 AM
Some of you can probably guess where this is going. Yes, it's a cryptocurrency scheme! Give Wong AU$375, and she can turn it into a million in less than six months using Bitcoin Code, an AI-powered crypto trading program. What could go wrong?🤣 (3/6)
March 12, 2025 at 3:58 AM
The ad pretends to link to 9News, but instead goes to a fake news story hosted on cssat[.]xyz. The story, which mimics news.com.au, absurdly says Wong is being sued by the Bank of Australia for revealing her wealth secrets on "The Cheap Seats" TV show. Another badly doctored photo. (2/6)
March 12, 2025 at 3:58 AM
A Facebook ad recently caught my eye: a photo of Australian Minister of Foreign Affairs Penny Wong that had been doctored to look like she had a black eye. It's accompanied by a headline about "tragic news." A short thread. #Australia #infosec (1/6)
March 12, 2025 at 3:58 AM
Nice chart of paid OSINT tools here plus an accompanying report on them from the UK OSINT Community group. #infosec
www.osint.uk/state-of-the...
March 11, 2025 at 10:38 PM
잡채! Korean sweet potato "glass" noodles plus chicken mince and capsicum.
March 10, 2025 at 9:21 AM
Went out for a mountain bush walk this morning and child spots this delight -- a blue mushroom! We looked for smurfs but unfortunately didn't find any. #Australia
March 9, 2025 at 3:17 AM
Someone sent extortion letters through the U.S. mail pretending to be the BianLian ransomware group. The letters included real compromised passwords as proof and accurate Tor sites. Bizarre! By @lawrenceabrams.bsky.social www.bleepingcomputer.com/news/securit... #infosec
March 5, 2025 at 7:12 AM
DeepSeek is just the start. China has approved more than 117 LLMs since August 2023 that are all rapidly maturing in capability. Intel 471's Analysis and Cyber Geopolitical Intelligence teams explain here what this means for enterprise risk. #infosec

intel471.com/blog/does-de...
February 10, 2025 at 9:42 PM
I'm seeing on the other site it could be a BGP stuff up.
February 10, 2025 at 10:15 AM