Liam
@liammalcolm.com
Senior Cyber Threat Intel Analyst.

Interest and experience in policing, intelligence, geopolitics and security. Former Special Constable.

www.liammalcolm.com
Listening to callers on LBC who start their call with "I asked ChatGPT...". A worrying trend.
November 10, 2025 at 4:55 PM
Always love some time in Brussels!
November 2, 2025 at 10:15 AM
archive.is/h4DQn

An excellent read on the alleged threats posed by Hong Kong/China.
archive.is
October 29, 2025 at 11:41 AM
Stolen from Twitter. True.
October 20, 2025 at 11:42 AM
It doesn’t matter if Cash *allegedly* only passed Westminster gossip to China. Passing information builds a relationship with the source and handler/runner, and passing of gossip can be used to put pressure on the source if they try and pull out before passing on classified intelligence.
October 16, 2025 at 9:51 AM
Excited to say I've resigned from my job! An exciting new future awaits outwith the UK!
October 6, 2025 at 3:25 PM
The MI5 exhibition at the National Archives is excellent. Highly informative and free! Well worth a visit.
September 27, 2025 at 3:06 PM
"According to a police source, the team was apparently well informed since the alarm and video surveillance had been out of service for several weeks. A situation linked to the cyberattack of which the museum was the victim in July."

600,000 euro worth of gold stolen!

tinyurl.com/56ycyccf
Paris: several gold nuggets stolen from the Muséum d'histoire naturelle, 600,000 euros in losses
The criminals reportedly broke into the museum using an angle grinder before forcing open a display case with a blowtorch. The burglary was
www.leparisien.fr
September 22, 2025 at 2:07 PM
www.catonetworks.com/blog/cato-ct...

A fascinating read, some of the opsec errors are particularly eye opening.
Cato CTRL™ Threat Actor Profile: IntelBroker
In June 2025, IntelBroker was charged by the U.S. for stealing and selling stolen data. Cato CTRL summarizes the digital forensics techniques used to track and arrest IntelBroker.
www.catonetworks.com
August 5, 2025 at 8:58 AM
I’ll never tire of watching the hope fade from people’s eyes when they start trying to use Eurostar Wi-Fi.
July 16, 2025 at 6:05 PM
Check out Vivaldi, the browser I'm using: vivaldi.com/invite
Your friend is sharing Vivaldi with you!
Explore a powerful browser designed to give you control of the Internet. Personalize Vivaldi to fit your browsing style and needs.
vivaldi.com
July 3, 2025 at 7:06 PM
Amsterdam, I’m a big fan.
June 19, 2025 at 7:09 PM
What are people using for SIEM/EDR/XDR/etc on home lab devices installed on separate networks?
June 9, 2025 at 6:00 PM
Bucharest is exquisite in the sun.
May 18, 2025 at 1:52 PM
Zendesk now has a dark mode and I am a bit too excited about it!
May 14, 2025 at 2:21 PM
Watching an argument between a customer service worker and two travellers. Raised voices etc. The employee has said she won’t assist if the travellers continue to raise their voice and walked away. A stark contrast to policing!
May 11, 2025 at 2:56 PM
www.bbc.co.uk/news/article...

No ransomware group have uploaded data to leak sites, that in itself is telling. What threat actors don't routinely ransomware / post to leak sites?

Compare and contrast with the Ahold Delhaize breach which occurred last week.
M&S stops online orders and issues refunds after cyber attack
The firm has stopped taking orders on its website and apps, including for food and clothes.
www.bbc.co.uk
April 26, 2025 at 9:33 AM
Thanks @proton.me, loving your offerings! And your support has been excellent when I've had stupid questions.
April 21, 2025 at 6:05 PM
You’ve been wonderful, Bristol
April 6, 2025 at 9:58 AM
My gut says that a TA did breach a *part* of Oracle, now we wait and see if they do indeed have millions of credentials.

www.cloudsek.com/blog/the-big....
The Biggest Supply Chain Hack Of 2025: 6M Records Exfiltrated from Oracle Cloud affecting over 140k Tenants | CloudSEK
CloudSEK uncovers a major breach targeting Oracle Cloud, with 6 million records exfiltrated via a suspected undisclosed vulnerability. Over 140,000 tenants are impacted, as the attacker demands ransom...
www.cloudsek.com
March 24, 2025 at 1:54 PM
Reposted by Liam
It's only an "ORB" if it is from the Cheltenham region of UK, otherwise it is just a sparkling botnet
November 18, 2024 at 6:48 PM