Reposted by Fred Baguelin
New details on the ByBit/Safe{Wallet} breach, and uhhh wow, some really silly blunders on the DPRK side. They still succeeded which is the most upsetting part of all of this. Let's bully some threat actor tradecraft! A🧵
x.com/safe/status/...
x.com/safe/status/...
Safe.eth on X: "Investigation Updates and Community Call to Action" / X
Investigation Updates and Community Call to Action
x.com
March 6, 2025 at 5:21 PM
New details on the ByBit/Safe{Wallet} breach, and uhhh wow, some really silly blunders on the DPRK side. They still succeeded which is the most upsetting part of all of this. Let's bully some threat actor tradecraft! A🧵
x.com/safe/status/...
x.com/safe/status/...
Reposted by Fred Baguelin
🚨 A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular #Solana web3.js library. The injected code captures private keys and transmits them to a hardcoded address. This is a developing story. socket.dev/blog/supply-... #crypto #cybersecurity
Supply Chain Attack Detected in @solana/web3.js Library - So...
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
socket.dev
December 3, 2024 at 10:10 PM
🚨 A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular #Solana web3.js library. The injected code captures private keys and transmits them to a hardcoded address. This is a developing story. socket.dev/blog/supply-... #crypto #cybersecurity
Reposted by Fred Baguelin
Datadog Security Labs is now officially on Bluesky!
We're now officially on Bluesky!
Expect:
➔ New articles on Security Labs about cloud, container and application security
➔ OSS projects for cloud security practioners
➔ Conference talks at community conferences
See also our starter pack bsky.app/starter-pack... with our authors and researchers!
Expect:
➔ New articles on Security Labs about cloud, container and application security
➔ OSS projects for cloud security practioners
➔ Conference talks at community conferences
See also our starter pack bsky.app/starter-pack... with our authors and researchers!
December 3, 2024 at 2:36 PM
Datadog Security Labs is now officially on Bluesky!
Reposted by Fred Baguelin
My Blackhat MEA arsenal presentation: "Detect Malicious Packages with Guarddog"
drive.google.com/file/d/11SAN...
drive.google.com/file/d/11SAN...
December 3, 2024 at 1:48 PM
My Blackhat MEA arsenal presentation: "Detect Malicious Packages with Guarddog"
drive.google.com/file/d/11SAN...
drive.google.com/file/d/11SAN...
Reposted by Fred Baguelin
#PIVOTcon25 registration is now OPEN 🤟📥📥📥
pivotcon.org
#CTI #ThreatResearch #ThreatIntel
Please read carefully the whole 🧵 for the rules about invite -> registration (1/5)
pivotcon.org
#CTI #ThreatResearch #ThreatIntel
Please read carefully the whole 🧵 for the rules about invite -> registration (1/5)
two men are standing next to each other with the words " we open it up " on the screen
ALT: two men are standing next to each other with the words " we open it up " on the screen
media.tenor.com
November 19, 2024 at 2:00 PM
#PIVOTcon25 registration is now OPEN 🤟📥📥📥
pivotcon.org
#CTI #ThreatResearch #ThreatIntel
Please read carefully the whole 🧵 for the rules about invite -> registration (1/5)
pivotcon.org
#CTI #ThreatResearch #ThreatIntel
Please read carefully the whole 🧵 for the rules about invite -> registration (1/5)
Reposted by Fred Baguelin
We released Censeye today, an open source CLI tool that makes it dramatically easier to pivot and find related assets when threat hunting on Censys instead of manually checking for potential identifying characteristics like an SSH host key. github.com/Censys-Resea...
November 27, 2024 at 5:05 PM
We released Censeye today, an open source CLI tool that makes it dramatically easier to pivot and find related assets when threat hunting on Censys instead of manually checking for potential identifying characteristics like an SSH host key. github.com/Censys-Resea...