LightNews
julianferdinand.bsky.social
Julian-Ferdinand Vögele
@julianferdinand.bsky.social
1.2K followers 190 following 170 posts
Threat Research @ Recorded Future. Previously @ Security Research Labs. He/Him. 🏳️‍🌈
Posts Media Videos Starter Packs
Reposted by Julian-Ferdinand Vögele
lorenzofb.bsky.social
Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 2d
SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.

NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.
Spyware maker NSO Group confirms acquisition by US investors | TechCrunch
NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.
techcrunch.com
5 140 170
Reposted by Julian-Ferdinand Vögele
lhn.bsky.social
Lily Hay Newman @lhn.bsky.social · 2d
As Apple expands its bug bounty, I spoke with VP Ivan Krstić about the significance + recent big swings like Memory Integrity Enforcement. These steps protect all users, but particularly those targeted by spyware: “We feel a great moral obligation to defend those users” www.wired.com/story/apple-...
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits
With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million.
www.wired.com
8 21
Reposted by Julian-Ferdinand Vögele
jsrailton.bsky.social
John Scott-Railton @jsrailton.bsky.social · 2d
NEW: Pegasus spyware coming to America?

An ex-Adam Sandler producer with ties to China is trying to acquire NSO Group.

Again.

Simonds fronted this before in 2023 & failed. But the backers haven't given up. Why?

Where is the money coming from? 1/

www.globes.co.il/news/article...
6 42 69
Reposted by Julian-Ferdinand Vögele
campuscodi.risky.biz
Catalin Cimpanu @campuscodi.risky.biz · 2d
-EU scraps Chat Control vote
-Ukraine establishes a Cyber Force
-CISA workers reassigned to immigration enforcement
-Teenagers arrested for Kido hack
-Salesforce will not pay the ransom
-US Court halts FCC data breach rules

Newsletter: news.risky.biz/risky-bullet...
Podcast: risky.biz/RBNEWS489/
1 8 19
Reposted by Julian-Ferdinand Vögele
theins.press
The Insider @theins.press · 2d
Germany’s AfD expels Hamburg lawmaker Robert Risch over participation in far-right congress in St. Petersburg

The Sept. 12 congress at the Mariinsky Palace brought together radical nationalists and neo-Nazis from 14 countries, from Hungary to Argentina.
Germany’s AfD expels Hamburg lawmaker Robert Risch over participation in far-right congress in St. Petersburg
Germany’s far-right Alternative for Germany (AfD) party has expelled Hamburg state lawmaker Robert Risch from its parliamentary group after he attended an international gathering of radical nationalis...
theins.press
2 6 26
Reposted by Julian-Ferdinand Vögele
campuscodi.risky.biz
Catalin Cimpanu @campuscodi.risky.biz · 3d
The hack against software giant Red Hat is part of a larger campaign that is targeting AWS cloud accounts.

A group named the Crimson Collective is using compromised IAM accounts to access and pilfer corporate AWS environments.

www.rapid7.com/blog/post/tr...
2 10 24
Reposted by Julian-Ferdinand Vögele
hatr.bsky.social
hakan @hatr.bsky.social · 3d
Hungary uses spies within the EU to close an information gap due to their public positioning in political matters that often is at odds with what the bloc is doing/saying

www.spiegel.de/ausland/eu-w...
(S+) EU: Wie Ungarns Agenten in Brüssel Informanten anzuwerben versuchten
Ungarische Spione trieben wohl jahrelang ihr Unwesen in Brüssel. Recherchen zeigen erstmals, dass sie sogar EU-Beamte rekrutieren wollten.
www.spiegel.de
1 3
Reposted by Julian-Ferdinand Vögele
vaspanagiotopoulos.com
Vas Panagiotopoulos @vaspanagiotopoulos.com · 3d
According to reconstructions, in Dec 2024 the ☎️number used by Caltagirone was added to a WhatsApp chat with contacts known to him, within which a PDF file had been shared. Shortly afterwards, the chat & the PDF disappeared.

✍️ @faffa42.bsky.social & Gianluca Paolucci.
www.lastampa.it/economia/202...
Il caso Paragon si allarga agli imprenditori: anche Caltagirone spiato
Il telefono del finanziere romano tra i protagonisti del riassetto del sistema bancario sarebbe stato attaccato con lo spyware che ha colpito anche giornalisti…
www.lastampa.it
1 1 3
Reposted by Julian-Ferdinand Vögele
vaspanagiotopoulos.com
Vas Panagiotopoulos @vaspanagiotopoulos.com · 3d
🚨 According to @irpimedia.eu & @lastampa.bsky.social, prominent 🇮🇹 Italian businessman Francesco Gaetano Caltagirone has been added to the list of people who last January received a message from WhatsApp informing them that they had been targeted with Paragon's Graphite #spyware.
1 5 5
Reposted by Julian-Ferdinand Vögele
malware-traffic-analysis.net
Brad @malware-traffic-analysis.net · 3d
2025-10-08 (Wednesday): #Kongtuke campaign fake CAPTCHA page with #ClickFix instructions. Got a full infection chain, this time. A 205MB zip download makes the #pcap take a while to load in Wireshark. Some IOCs and associated malware/artifacts at www.malware-traffic-analysis.net/2025/10/08/i...
Traffic from the infection filtered in Wireshark. Page from a compromised site with injected Kongtuke script. Fake CAPTCHA page, courtesy of the Kongtuke campaign. Following instructions from the Kongtuke campaign's fake CAPTCHA page.
1 3
Reposted by Julian-Ferdinand Vögele
snlyngaas.bsky.social
Sean Lyngaas @snlyngaas.bsky.social · 3d
Prominent American law firms continue to be breached by suspected Chinese intelligence operatives: www.cnn.com/2025/10/08/p...
US law firm with major political clients hacked in spying spree linked to China | CNN Politics
Suspected Chinese government-backed hackers have breached computer systems of US law firm Williams & Connolly, which has represented some of America’s most powerful politicians, as part of a larger sp...
www.cnn.com
2 2
Reposted by Julian-Ferdinand Vögele
alexmartin.bsky.social
Alexander Martin @alexmartin.bsky.social · 4d
Russia is behind a campaign of cyberattacks, sabotage and provocation across Europe, according to the president of the European Commission, who warned on Wednesday morning: “It is time to call it by its name. This is hybrid warfare, and we have to take it very seriously.”
Russia is at ‘hybrid war’ with Europe, warns EU chief, calling for members ‘to take it very seriously’
European Commission President Ursula Von der Leyen urged the EU to “urgently equip itself with a strategic capacity to respond” to Russian hybrid warfare.
therecord.media
4 15 25
Reposted by Julian-Ferdinand Vögele
briankrebs.infosec.exchange.ap.brid.gy
BrianKrebs @briankrebs.infosec.exchange.ap.brid.gy · 4d
New, by me: A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse […]

[Original post on infosec.exchange]
A screenshot of a scan of the trojan at virustotal.com shows 11 of the 72 security tools detected it as malicious. The malicious indicators are marked in red.
1 18 41
Reposted by Julian-Ferdinand Vögele
campuscodi.risky.biz
Catalin Cimpanu @campuscodi.risky.biz · 4d
-Redis vulnerability impacts all versions released in the last 13 years
-Oracle zero-day used in recent extortion campaign
-New MSS front company discovered
-North Korean hackers have stolen $2 billion this year

Podcast: risky.biz/RBNEWS488/
Newsletter: news.risky.biz/risky-bullet...
1 5 15
Reposted by Julian-Ferdinand Vögele
agreenberg.bsky.social
Andy Greenberg @agreenberg.bsky.social · 11d
A source shares some screenshots of the Lapsus ransomware gang celebrating the government shutdown as a disruption to the FBI investigations tracking them.

They also refer to Trump as "my king."
2 21 31
julianferdinand.bsky.social
Julian-Ferdinand Vögele @julianferdinand.bsky.social · 4d
Recorded Future just published a report diving into the Beijing Institute of Electronics Technology and Application (BIETA), which is almost certainly a front for China’s MSS, developing technologies to support intelligence and military missions. Full report: www.recordedfuture.com/research/bie...
BIETA: A Technology Enablement Front for China's MSS
Discover how China's Ministry of State Security (MSS) almost certainly operates BIETA and its subsidiary CIII as public fronts for cyber-espionage, covert communications, and technology acquisition. C...
www.recordedfuture.com
14 17
Reposted by Julian-Ferdinand Vögele
lgbtqnation.com
LGBTQ Nation @lgbtqnation.com · 4d
Gavin Newsom vetoes gender education bill, declines to sign other trans protections - buff.ly/MTUAV85
350 470 1.2K
Reposted by Julian-Ferdinand Vögele
k3yp0d.bsky.social
Simon Kenin @k3yp0d.bsky.social · 7d
1/4
PDQ which downloads ScreenConnect, the "one weird" RMM trick combo move threat actors don't want you to find out...
1 1 1
Reposted by Julian-Ferdinand Vögele
campuscodi.risky.biz
Catalin Cimpanu @campuscodi.risky.biz · 7d
A network of at least 50 Twitter accounts engaged in an influence operation designed to incite a revolt against the Iranian regime.

CitizenLab believes an Israeli intelligence agency or one of its contractors is behind the operation.

citizenlab.ca/2025/10/ai-e...
4 22
Reposted by Julian-Ferdinand Vögele
hexacorn.bsky.social
Hexacorn @hexacorn.bsky.social · 7d
Using .LNK files as lolbins

www.hexacorn.com/blog/2025/10...
1 3 7
Reposted by Julian-Ferdinand Vögele
mkyo.bsky.social
Mark Kelly @mkyo.bsky.social · 8d
Good piece covering a big burst of TA416 activity targeting European governments last week!
strikereadylabs.com
StrikeReady Labs @strikereadylabs.com · 9d
Quite a bit of CN APT activity in europe in the past week

strikeready.com/blog/cn-apt-...

As always, if you're interested in tuning your skills, download the samples here github.com/StrikeReady-...
CN APT targets Serbian Government
Mustang Panda continues targeting European governments
strikeready.com
2 3
Reposted by Julian-Ferdinand Vögele
ollieatnowhere.bsky.social
Ollie Whitehouse @ollieatnowhere.bsky.social · 8d
Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...
CTO at NCSC Summary: week ending October 5th
Welcome to the weekly highlights and analysis of the blueteamsec Lemmy (and my wider reading).
ctoatncsc.substack.com
2 4
Reposted by Julian-Ferdinand Vögele
signal.org
Signal @signal.org · 9d
We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...
signal.org
42 2.4K 4K
Reposted by Julian-Ferdinand Vögele
ryanaraine.bsky.social
Ryan Naraine @ryanaraine.bsky.social · 9d
We're streaming live to YouTube in ~20 mins. Come hang out with us www.youtube.com/watch?v=zjdh...
Three Buddy Problem (Episode 66)
YouTube video by Three Buddy Problem
www.youtube.com
5 5
Reposted by Julian-Ferdinand Vögele
shashj.bsky.social
Shashank Joshi @shashj.bsky.social · 9d
Our cover this week.
6 32 220