Tom
@tom.wicked.design
CEO & founder of wicked.design ✌️,
lecturer at Swiss 🇨🇭 & Ukraine 🇺🇦 universities.
Cyber guy turned social scientist & system theorist 📚
🏳️🌈 (he/him) - vegan, cuz friends not food 🌱
lecturer at Swiss 🇨🇭 & Ukraine 🇺🇦 universities.
Cyber guy turned social scientist & system theorist 📚
🏳️🌈 (he/him) - vegan, cuz friends not food 🌱
#Scattered #LAPSUS$ #Hunters #SLH website shinyhunte[.]rs disapeared and is displaying a personal warning message. #ScatteredLAPSUS$Hunters #Cybercrime
October 20, 2025 at 9:08 PM
#Scattered #LAPSUS$ #Hunters #SLH website shinyhunte[.]rs disapeared and is displaying a personal warning message. #ScatteredLAPSUS$Hunters #Cybercrime
#Cyber ist so lange ein IT Thema bis im Betrieb nichts mehr geht.
IMHO einer der wichtigsten Punkte im neuen Bericht des @ncsc.gov.uk - und etwas was in den meisten Organisationen noch immer nicht angekommen ist.
#Cybersecurity ist #Business!
IMHO einer der wichtigsten Punkte im neuen Bericht des @ncsc.gov.uk - und etwas was in den meisten Organisationen noch immer nicht angekommen ist.
#Cybersecurity ist #Business!
October 15, 2025 at 10:47 AM
#Cyber ist so lange ein IT Thema bis im Betrieb nichts mehr geht.
IMHO einer der wichtigsten Punkte im neuen Bericht des @ncsc.gov.uk - und etwas was in den meisten Organisationen noch immer nicht angekommen ist.
#Cybersecurity ist #Business!
IMHO einer der wichtigsten Punkte im neuen Bericht des @ncsc.gov.uk - und etwas was in den meisten Organisationen noch immer nicht angekommen ist.
#Cybersecurity ist #Business!
#StreetParade, #MobileDeviceManagement und #Risiken - warum ein #MDM alleine nicht reicht 📲
>800k Leute feierten an der weltgrössten Techno Parade in Züri.
Darunter auch einige Diebe mit Fokus Mobiltelefone.
Den Geräten wurde direkt die SIM-Karte entfernt und sie in Alufolie gewickelt.
>800k Leute feierten an der weltgrössten Techno Parade in Züri.
Darunter auch einige Diebe mit Fokus Mobiltelefone.
Den Geräten wurde direkt die SIM-Karte entfernt und sie in Alufolie gewickelt.
August 13, 2025 at 11:49 AM
#StreetParade, #MobileDeviceManagement und #Risiken - warum ein #MDM alleine nicht reicht 📲
>800k Leute feierten an der weltgrössten Techno Parade in Züri.
Darunter auch einige Diebe mit Fokus Mobiltelefone.
Den Geräten wurde direkt die SIM-Karte entfernt und sie in Alufolie gewickelt.
>800k Leute feierten an der weltgrössten Techno Parade in Züri.
Darunter auch einige Diebe mit Fokus Mobiltelefone.
Den Geräten wurde direkt die SIM-Karte entfernt und sie in Alufolie gewickelt.
#Aeroflot airline got hacked by two pro-ukranian groups, #SilentCrow and #Cyberpartisans. 🛫🚫
🚩 7`000 servers — physical & virtual — destroyed.
🚩 Compromise of 122 hypervisors, 43 installations of ZVIRT virtualization, ~100 iLO interfaces, & 4 Proxmox clusters.
#Ukraine 🇺🇦
🚩 7`000 servers — physical & virtual — destroyed.
🚩 Compromise of 122 hypervisors, 43 installations of ZVIRT virtualization, ~100 iLO interfaces, & 4 Proxmox clusters.
#Ukraine 🇺🇦
July 28, 2025 at 1:48 PM
#Aeroflot airline got hacked by two pro-ukranian groups, #SilentCrow and #Cyberpartisans. 🛫🚫
🚩 7`000 servers — physical & virtual — destroyed.
🚩 Compromise of 122 hypervisors, 43 installations of ZVIRT virtualization, ~100 iLO interfaces, & 4 Proxmox clusters.
#Ukraine 🇺🇦
🚩 7`000 servers — physical & virtual — destroyed.
🚩 Compromise of 122 hypervisors, 43 installations of ZVIRT virtualization, ~100 iLO interfaces, & 4 Proxmox clusters.
#Ukraine 🇺🇦
#LockBit #ransomware got breached and leaked tonight. A hacker called "kho-kho" (allegedly from Prague 🇨🇿) breached their panel & leaked a 30MB SQL dump containing:
💶 ~ 60K BTC addresses
💬 Negotiation chats with their victims
🛠️ Build info (dating back to Dec 2024)
📈 Client lists, etc.
💶 ~ 60K BTC addresses
💬 Negotiation chats with their victims
🛠️ Build info (dating back to Dec 2024)
📈 Client lists, etc.
May 8, 2025 at 3:26 PM
#LockBit #ransomware got breached and leaked tonight. A hacker called "kho-kho" (allegedly from Prague 🇨🇿) breached their panel & leaked a 30MB SQL dump containing:
💶 ~ 60K BTC addresses
💬 Negotiation chats with their victims
🛠️ Build info (dating back to Dec 2024)
📈 Client lists, etc.
💶 ~ 60K BTC addresses
💬 Negotiation chats with their victims
🛠️ Build info (dating back to Dec 2024)
📈 Client lists, etc.
After some analysis the campaign appears to use Tycoon2FA Phishing Kit.
The website is loading O365 assets from oktacdn[.]com
This domain has been attributed to Tycoon before.
Any.Run: any.run/cybersecurit...
Others like JoeSandbox or Hybrid Analysis currently label it as clean
The website is loading O365 assets from oktacdn[.]com
This domain has been attributed to Tycoon before.
Any.Run: any.run/cybersecurit...
Others like JoeSandbox or Hybrid Analysis currently label it as clean
February 26, 2025 at 11:02 AM
After some analysis the campaign appears to use Tycoon2FA Phishing Kit.
The website is loading O365 assets from oktacdn[.]com
This domain has been attributed to Tycoon before.
Any.Run: any.run/cybersecurit...
Others like JoeSandbox or Hybrid Analysis currently label it as clean
The website is loading O365 assets from oktacdn[.]com
This domain has been attributed to Tycoon before.
Any.Run: any.run/cybersecurit...
Others like JoeSandbox or Hybrid Analysis currently label it as clean
We currently see an uprising in Adobe QR code based phishing for MS O365 creds 🎣
Recipiens are named, TA apparently did some intel:
▶️ Company name
▶️ Employee names (First and Last)
#Phishing #Adobe #O365 #Microsoft #Cybersecurity #Awareness
Recipiens are named, TA apparently did some intel:
▶️ Company name
▶️ Employee names (First and Last)
#Phishing #Adobe #O365 #Microsoft #Cybersecurity #Awareness
February 26, 2025 at 10:24 AM
We currently see an uprising in Adobe QR code based phishing for MS O365 creds 🎣
Recipiens are named, TA apparently did some intel:
▶️ Company name
▶️ Employee names (First and Last)
#Phishing #Adobe #O365 #Microsoft #Cybersecurity #Awareness
Recipiens are named, TA apparently did some intel:
▶️ Company name
▶️ Employee names (First and Last)
#Phishing #Adobe #O365 #Microsoft #Cybersecurity #Awareness
Reposted by Tom
Mit Überwachungs-Programmen wie mSpy können Privatpersonen einander ausspionieren. Wir erklären, wie man solche Angriffe aufdecken und abwehren kann.
netzpolitik.org/2025/mspy-le...
Alle Beiträge zum #mSpyLeak: netzpolitik.org/mspy-leak/
netzpolitik.org/2025/mspy-le...
Alle Beiträge zum #mSpyLeak: netzpolitik.org/mspy-leak/
mSpy-Leak: So stoppt man Spionage-Apps
Mit Überwachungs-Programmen wie mSpy können Privatpersonen einander ausspionieren. Wir erklären, wie man solche Angriffe aufdecken und abwehren kann.
netzpolitik.org
January 27, 2025 at 6:48 AM
Mit Überwachungs-Programmen wie mSpy können Privatpersonen einander ausspionieren. Wir erklären, wie man solche Angriffe aufdecken und abwehren kann.
netzpolitik.org/2025/mspy-le...
Alle Beiträge zum #mSpyLeak: netzpolitik.org/mspy-leak/
netzpolitik.org/2025/mspy-le...
Alle Beiträge zum #mSpyLeak: netzpolitik.org/mspy-leak/
Reposted by Tom
DHS has terminated the memberships of everyone on its advisory committees.
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
January 21, 2025 at 8:43 PM
DHS has terminated the memberships of everyone on its advisory committees.
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
US president pardons drug market founder and operator to “ honor of her [mother] and the Libertarian Movement, which supported me so strongly”.
What a singal to law enforcement, law abiding citizens and everyone who works to make our society a safer and healthier place. #SilkRoad
What a singal to law enforcement, law abiding citizens and everyone who works to make our society a safer and healthier place. #SilkRoad
Trump pardons Ross Ulbricht, founder of Silk Road drug marketplace www.theguardian.com/us-news/2025...
Trump pardons Ross Ulbricht, founder of Silk Road drug marketplace
Ulbricht, sentenced to life in prison in 2015, given ‘full and unconditional’ pardon by president
www.theguardian.com
January 22, 2025 at 7:40 AM
US president pardons drug market founder and operator to “ honor of her [mother] and the Libertarian Movement, which supported me so strongly”.
What a singal to law enforcement, law abiding citizens and everyone who works to make our society a safer and healthier place. #SilkRoad
What a singal to law enforcement, law abiding citizens and everyone who works to make our society a safer and healthier place. #SilkRoad
Ich war in Bucha🇺🇦, habe mit den Menschen dort gesprochen, gesehen was die Russen verbrochen haben. Menschen haben mir von den Verbrechen erzählt. Und in der sicheren 🇨🇭sitzen Handlanger der Kriegsverbrecher wie Köppel.
#SlavaUkraini #Ukraine
#SlavaUkraini #Ukraine
January 19, 2025 at 12:18 PM
Ich war in Bucha🇺🇦, habe mit den Menschen dort gesprochen, gesehen was die Russen verbrochen haben. Menschen haben mir von den Verbrechen erzählt. Und in der sicheren 🇨🇭sitzen Handlanger der Kriegsverbrecher wie Köppel.
#SlavaUkraini #Ukraine
#SlavaUkraini #Ukraine
Apparent threat actor: agricamex[.]com 🎣
We observed this domain cloning #MS #Azure #Entra ID websites of our clients.
Domain fronted by #Cloudflare, registered by #GoDaddy.
Cert transparency logs shows activiy since around 2025-01-12. Inc. #Okta, #ADFS, #SCP, #outlook and #O365
We observed this domain cloning #MS #Azure #Entra ID websites of our clients.
Domain fronted by #Cloudflare, registered by #GoDaddy.
Cert transparency logs shows activiy since around 2025-01-12. Inc. #Okta, #ADFS, #SCP, #outlook and #O365
January 18, 2025 at 6:14 PM
Reposted by Tom
We had to evacuate Los Angeles. Most people I know there have also had to leave. We are safe in San Diego and our apartment is unlikely to burn down. We are very lucky. But alongside the visceral horror of the wildfires there is also the mundanity of dystopia
www.404media.co/were-fine-lo...
www.404media.co/were-fine-lo...
‘We’re Fine’: Lying to Ourselves About a Climate Disaster
The dystopia of Los Angeles' fires are horrifying, mundane, and everything in between.
www.404media.co
January 9, 2025 at 4:55 PM
We had to evacuate Los Angeles. Most people I know there have also had to leave. We are safe in San Diego and our apartment is unlikely to burn down. We are very lucky. But alongside the visceral horror of the wildfires there is also the mundanity of dystopia
www.404media.co/were-fine-lo...
www.404media.co/were-fine-lo...
Liebe:r VW Mitarbeiter:in oder Zuliefer:in!
Ich verstehe Deinen Frust! 💜
Deine (anonyme) Nummer gegen Kummer: E7A8EUDW (Threema ID)
(Der Screenshot ist aus einer VW Firmware, please retweet!)
Ich verstehe Deinen Frust! 💜
Deine (anonyme) Nummer gegen Kummer: E7A8EUDW (Threema ID)
(Der Screenshot ist aus einer VW Firmware, please retweet!)
January 5, 2025 at 12:41 PM
Reposted by Tom
Wir wissen wo dein Auto steht - Volksdaten von Volkswagen has been released on media.ccc.de https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-volksdaten-von-volkswagen https://events.ccc.de/congress/2024/hub/event/wir-wissen-wo-dein-auto-steht-volksdaten-von-volkswagen/
December 29, 2024 at 7:46 PM
Wir wissen wo dein Auto steht - Volksdaten von Volkswagen has been released on media.ccc.de https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-volksdaten-von-volkswagen https://events.ccc.de/congress/2024/hub/event/wir-wissen-wo-dein-auto-steht-volksdaten-von-volkswagen/
Reposted by Tom
I love that Apple is trying to do privacy-related services, but this just appeared at the bottom of my Settings screen over the holiday break when I wasn’t paying attention. It sends data about my private photos to Apple.
December 29, 2024 at 2:46 AM
I love that Apple is trying to do privacy-related services, but this just appeared at the bottom of my Settings screen over the holiday break when I wasn’t paying attention. It sends data about my private photos to Apple.
cat.exe stopped working.
Resource exhaustion.
Chilling after Christmas 🎄 🐈 #cat #catsofbsky #christmas #AdoptDontShop #AnimalRescue #tierschutz
Resource exhaustion.
Chilling after Christmas 🎄 🐈 #cat #catsofbsky #christmas #AdoptDontShop #AnimalRescue #tierschutz
December 29, 2024 at 7:12 PM
cat.exe stopped working.
Resource exhaustion.
Chilling after Christmas 🎄 🐈 #cat #catsofbsky #christmas #AdoptDontShop #AnimalRescue #tierschutz
Resource exhaustion.
Chilling after Christmas 🎄 🐈 #cat #catsofbsky #christmas #AdoptDontShop #AnimalRescue #tierschutz
Die elektronische Patientenakte - ein jahrelanges Trauerspiel.
Wie so oft "Es kann nicht sein was nicht sein darf!" 🙊🙈🙉
Politische Entscheidungen & ihre Auswirkungen auf unser aller (Cyber)Sicherheit.
What about 🇨🇭 Elektronisches Patientendossier (EPDG) 🤔
ogy.de/rpag
#38C3 #CCC #Gematik #ePA
Wie so oft "Es kann nicht sein was nicht sein darf!" 🙊🙈🙉
Politische Entscheidungen & ihre Auswirkungen auf unser aller (Cyber)Sicherheit.
What about 🇨🇭 Elektronisches Patientendossier (EPDG) 🤔
ogy.de/rpag
#38C3 #CCC #Gematik #ePA
events.ccc.de
December 27, 2024 at 2:45 PM
Die elektronische Patientenakte - ein jahrelanges Trauerspiel.
Wie so oft "Es kann nicht sein was nicht sein darf!" 🙊🙈🙉
Politische Entscheidungen & ihre Auswirkungen auf unser aller (Cyber)Sicherheit.
What about 🇨🇭 Elektronisches Patientendossier (EPDG) 🤔
ogy.de/rpag
#38C3 #CCC #Gematik #ePA
Wie so oft "Es kann nicht sein was nicht sein darf!" 🙊🙈🙉
Politische Entscheidungen & ihre Auswirkungen auf unser aller (Cyber)Sicherheit.
What about 🇨🇭 Elektronisches Patientendossier (EPDG) 🤔
ogy.de/rpag
#38C3 #CCC #Gematik #ePA
Reposted by Tom
BREAKING - A tragic vehicle-ramming attack occurred this evening at a Christmas market in Magdeburg, Germany, resulting in the deaths of two people and injuries to at least 60 others.
ukdefencejournal.org.uk/lethal-car-r...
ukdefencejournal.org.uk/lethal-car-r...
Lethal car ramming attack at German Christmas market
BREAKING - A tragic vehicle-ramming attack occurred this evening at a Christmas market in Magdeburg, Germany, resulting in the deaths of two people and injuries to at least 60 others.
ukdefencejournal.org.uk
December 20, 2024 at 9:36 PM
BREAKING - A tragic vehicle-ramming attack occurred this evening at a Christmas market in Magdeburg, Germany, resulting in the deaths of two people and injuries to at least 60 others.
ukdefencejournal.org.uk/lethal-car-r...
ukdefencejournal.org.uk/lethal-car-r...
It is this time of the year again - happy holidays 🎄, merry Christmas 🎅🏻 and a lovely festive season to all our friends, partners and clients!
We don’t print physical cards or send out fancy gifts, we make a donation to an amazing organisation 👉🏻 www.limon-vergessene-seelen.de
We don’t print physical cards or send out fancy gifts, we make a donation to an amazing organisation 👉🏻 www.limon-vergessene-seelen.de
December 20, 2024 at 10:15 AM
It is this time of the year again - happy holidays 🎄, merry Christmas 🎅🏻 and a lovely festive season to all our friends, partners and clients!
We don’t print physical cards or send out fancy gifts, we make a donation to an amazing organisation 👉🏻 www.limon-vergessene-seelen.de
We don’t print physical cards or send out fancy gifts, we make a donation to an amazing organisation 👉🏻 www.limon-vergessene-seelen.de
Reposted by Tom
NEW: Women experiencing pregnancy loss in states with abortion bans told us they wished they had known what to expect and how to advocate for themselves.
We created this guide for anyone who finds themselves in the same position. ⤵️
We created this guide for anyone who finds themselves in the same position. ⤵️
If You’re Pregnant, Here’s What You Should Know About the Medical Procedures That Could Save Your Life
Women experiencing pregnancy loss in states with abortion bans told us they wished they had known what to expect and how to advocate for themselves. We created this guide for anyone who finds…
propub.li
December 19, 2024 at 12:00 PM
NEW: Women experiencing pregnancy loss in states with abortion bans told us they wished they had known what to expect and how to advocate for themselves.
We created this guide for anyone who finds themselves in the same position. ⤵️
We created this guide for anyone who finds themselves in the same position. ⤵️
Reposted by Tom
Schwindel bei FDP-Institut: CORRECTIV enthüllt, dass die Denkfabrik Prometheus mehrfach Gelder von einem Netzwerk aus den USA annahm. Das Netzwerk unterstützt weltweit Klimaskeptiker. Bisher hatte Prometheus solche Förderungen abgestritten. Hier geht’s zur Recherche:
Prometheus: Die verheimlichten Spender des FDP-Lobbyvereins
CORRECTIV zeigt, dass das FDP-Prometheus Institut die Öffentlichkeit täuschte. Es verheimlichte Spenden von einem Netzwerk aus den USA.
correctiv.org
December 19, 2024 at 3:45 PM
Schwindel bei FDP-Institut: CORRECTIV enthüllt, dass die Denkfabrik Prometheus mehrfach Gelder von einem Netzwerk aus den USA annahm. Das Netzwerk unterstützt weltweit Klimaskeptiker. Bisher hatte Prometheus solche Förderungen abgestritten. Hier geht’s zur Recherche:
Reposted by Tom
You should be able to message your family and friends without fear that law enforcement is reading everything you send.
“Can the Government Read My Text Messages?”
You should be able to message your family and friends without fear that law enforcement is reading everything you send. Privacy is a human right, and that’s why we break down the ways you can protect ...
www.eff.org
December 18, 2024 at 5:16 PM
You should be able to message your family and friends without fear that law enforcement is reading everything you send.
#Cellebrite allegedly used to break into phones of journalists and activists in #Serbia for deploying #spyware.
Neue Amnesty-Untersuchung deckt geheime Überwachung in #Serbien auf. Die Regierung setzt massenhaft Spyware ein, um Journalist*innen und Umweltaktivist*innen zu überwachen.
⬇️
www.amnesty.org/en/latest/ne...
⬇️
www.amnesty.org/en/latest/ne...
Serbia: Authorities using spyware and Cellebrite forensic extraction tools to hack journalists and activists
Serbian authorities are using spyware and Cellebrite forensic extraction tools to hack journalists and activists in a surveillance campaign.
www.amnesty.org
December 16, 2024 at 10:19 AM
#Cellebrite allegedly used to break into phones of journalists and activists in #Serbia for deploying #spyware.
