Software Defined Tubers ➡️ Saintcon
@spudsec.bsky.social
Train enjoyer | Red Bull enthusiast | car gay | queer | occasionally stop hackers from hacking things | sometimes hack things | cat dad | he/them
That’s true. Misunderstood my bad. Either way I think there’s still intelligence to gather because we’re still missing key details.
September 25, 2025 at 6:42 PM
I highly recommend you read Spy in Moscow Station.
September 25, 2025 at 5:39 PM
So instead of hearing me out and giving my two cents of the situation I get dismissed and threatened with « do you want to be the one that blows out the case » because of alleged « bombastic claims »
September 25, 2025 at 5:38 PM
Bookmarking this tweet specifically to remember this for a tattoo idea. That goes so fucking hard.
September 25, 2025 at 5:27 AM
My ex gave me Covid on our vacation to Vegas because he wouldn’t mask or test himself.
September 25, 2025 at 5:26 AM
My team, our partners, and others hear hoof steps and we believe this time it’s a zebra and not the horse.
September 25, 2025 at 4:53 AM
I wanna make something clear: I have strong opinions on ANY LE agency, local, state, or federal. I’m never one to generally side with them and I get the skepticism. Additionally, I would normally never assume the hoofsteps are zebras but it’s the only way the math works in this.
September 25, 2025 at 4:53 AM
Scenario 2 continued - the scale allows them to cast a much wider net guaranteeing that they’ll be able to execute whatever attack they plan while also providing noise to make it harder to detect.
September 25, 2025 at 4:53 AM
Scenario 2 « the zebra » - there are targets within the UN that these threat actors are aware of their travels and lodging for the duration of this event and are using these arrays to perform some sort of attack on these targets.
September 25, 2025 at 4:53 AM
There’s two possible scenarios that we’re aware of as we speak: scenario 1 « the horse » - this is an income stream for a threat actor and that information was coincidental to a related investigation.
September 25, 2025 at 4:53 AM
We know that even 10,000 or 100,000 cell phones hitting a handful of towers in the most populated metro in the US would probably cause a minor inconvenience at worst and nothing at best.

If these are nation-state actors then they’re operating with some intel in hand.
September 25, 2025 at 4:53 AM
Let’s oversimplify this for a second and think about the information we know that’s objective:

- thousands of SIM cards attached to hundreds of pieces of telco equipment were seized.

- located in the NYC metro within a 35 mile radius of Lower Manhattan.

- relation to nation state actors
September 25, 2025 at 4:53 AM
In fact on multiple occasions over the past two decades Congress has raised alarms over the risk of attacks especially around SS7 attacks because we still to this day do not have any mitigations for this. While we have shut down our 2G and 3G networks they’re still used for roaming.
September 25, 2025 at 4:53 AM
For someone with the alleged experience you have you seem to be going around in circles a lot. There’s quite a lot that can be done with a setup like this beyond botting and scam/spam. UK government banned these on two separate occasions because of the heightened risk.
September 25, 2025 at 4:53 AM
Do you have a TS/SCI and a SCIF nearby?
September 25, 2025 at 2:01 AM
Writing for the 80s equivalent of hacker substack does not automatically make you right when you’re arguing with a guy who actually had a background in this case.
September 25, 2025 at 12:37 AM
I get the skepticism of the current admin and all the government offices related to it, I really do, but it’s frustrating having to say « they’re actually right » only to be dunked on by the vapid cynicism of the community when this is literally my job
September 24, 2025 at 9:49 PM
My team has been monitoring this along with partner teams both in and out of the US Government. The consensus is that the press release is credible and that there was a high threat risk but that’s where our info ends. It’s frustrating to us because this is our job and even we’re stumped.
September 24, 2025 at 9:49 PM
*sighs* no that’s not what I’m stating. Background: hi I’m Spud, I have nearly a decade in cyber with extensive experience doing cyber threat intelligence and incident response including on behalf of USSS, CISA and DoJ. While I’ve never worked in a LEO capacity my work has been very adjacent.
September 24, 2025 at 9:49 PM
I’m following this as part of my job and have worked with this agency in the past. While the presser comes off as bombastic and hyperbolic the partners have worked with have corroborated most of their claims. We don’t have a ton of information either but their claims aren’t far off the mark.
September 24, 2025 at 8:29 PM