Alex Lanstein
@lanstein.bsky.social
threaty threats -- helping build research workflows into a soc product, but I don't speak for them on this acct. pretty good at bash scripts and strings. disclosures on my linkedin below
https://www.linkedin.com/in/alexlanstein/
"Kindness is costless, as well as priceless" - from buffett's new Thanksgiving letter www.businesswire.com/news/home/20...
www.businesswire.com
November 10, 2025 at 5:36 PM
One of the most disturbing things I've ever seen big tech be responsible for -- and I worked at Facebook.
How incredibly fucked.
November 7, 2025 at 2:31 AM
Reposted by Alex Lanstein
New Iran drop from me tracking an attribution nightmare - UNK_SmudgedSerpent! A little Charming, a little Muddy, and a lot C5. Targeting policy experts with benign conversation starters, health-themed infra, OnlyOffice spoofs, and RMMs. Check out the full story www.proofpoint.com/us/blog/thre...
Crossed wires: a case study of Iranian espionage and attribution | Proofpoint US
Proofpoint would like to thank Josh Miller for his initial research on UNK_SmudgedSerpent and contribution to this report. Key findings Between June and August 2025,
www.proofpoint.com
November 5, 2025 at 1:37 PM
Ok I think this is the top
NVIDIA AND KAZAKHSTAN SIGN MOU WORTH UP TO $2 BILLION FOR ADVANCED AI CHIPS
November 6, 2025 at 8:42 PM
says the guys who threatened to invade Greenland and Panama. What schmucks we have
Bessent: "I've read that Ontario is spending up to $75 million on these advertisements and it's propaganda coming across our border to decry the tariffs. The premiere of Ontario seems to have come off the rails a little ... this is interference in US sovereign matters."
October 26, 2025 at 4:31 PM
i heard my kids singing about "APT"s and i was sorely disappointed www.youtube.com/watch?v=ekr2...
ROSÉ & Bruno Mars - APT. (Official Music Video)
YouTube video by ROSÉ
www.youtube.com
October 24, 2025 at 2:46 PM
If my house ever gets raided I hope they give this treatment to my box of old cables. those things will be valuable some day
October 23, 2025 at 5:48 PM
Learn to hunt part 4: follow along to learn some of our recent VT pivots that have yielded interesting results strikeready.com/blog/finding...
Finding the Unknown Unknowns, Part 4 (NilePhish, SneakyChef, Muddy Water, and a bonus unc)
Follow along as StrikeReady Labs highlights four techniques that were useful to surface four different clusters of targeted threat activity in 2025
strikeready.com
October 21, 2025 at 4:41 PM
Between the Ontario anti tariff ad and the tweezer bumper music, good off field entertainment
October 21, 2025 at 1:49 AM
Reposted by Alex Lanstein
Quite a bit of CN APT activity in europe in the past week
strikeready.com/blog/cn-apt-...
As always, if you're interested in tuning your skills, download the samples here github.com/StrikeReady-...
CN APT targets Serbian Government
Mustang Panda continues targeting European governments
strikeready.com
October 3, 2025 at 2:30 PM
Reposted by Alex Lanstein
Spearphishing the news: sidewinder using the Nepal protests as APT lures strikeready.com/blog/sidewin...
Sidewinder APT leverages Nepal protests to push mobile malware
Sidewinder APT is leveraging the ongoing turmoil in Nepal to distribute mobile malware.
strikeready.com
September 12, 2025 at 4:24 PM
8 digit ICQ number
Age verification? The first time I saw The Simpsons was on The Tracey Ullman Show.
Age verification? I audiotaped network TV shows with a cassette recorder.
September 10, 2025 at 2:38 AM
These folks continue to put out awesome research. Note that this appears separate than the other large streaming takedown this week of streameast
NEW THREAT REPORT 🚨 Massive IPTV network uncovered by Silent Push.
Read full investigation: www.silentpush.com/blog/iptv-pi...
Enterprise Users can access our Bulk Data Exports of IPTV piracy indicators to support their investigations.
#CTI #Netflix #PrimeVideo #NBA #AppleTV #piracy
Massive IPTV Piracy Network Uncovered by Silent Push
Silent Push uncovered a massive IPTV-based piracy network, hosted across 1,000+ domains and 10,000+ IPs, affecting more than 20 major brands.
hubs.ly
September 4, 2025 at 8:57 AM
Reposted by Alex Lanstein
Fun crossover blog about TA829 (RomCom) & TransferLoader with my ecrime pals @selenalarson.bsky.social it’s got it all:
🛰️ Popped routers for sending phish
📊 ACH on attribution
👾 custom protocols
👽 cool malware
🕵️ crime
🎯 espionage
❔many unanswered questions
www.proofpoint.com/us/blog/thre...
10 Things I Hate About Attribution: RomCom vs. TransferLoader | Proofpoint US
Threat Research would like to acknowledge and thank the Paranoids, Spur, and Pim Trouerbach for their collaboration to identify, track, and disrupt this activity. Key takeaways
www.proofpoint.com
June 30, 2025 at 10:04 AM
Shout out to Icom for this perfect advertisement
June 21, 2025 at 9:04 PM
There is no bottom
May 22, 2025 at 10:01 AM
May 21, 2025 at 1:26 PM
Ah yes that famous phrase. This thing isn't coming for your job any time soon
May 10, 2025 at 11:12 PM
If you’re over 30, quote this with some life advice 🤌🏼
May 10, 2025 at 10:58 AM
The evergreen gif for this band of unserious schmucks.
May 6, 2025 at 9:47 AM
If you're headed out to SF for RSA, skip chipotle and head to The Bird for the best fried chicken sandwich you'll ever have
April 27, 2025 at 2:06 PM
Kinda wonder if hegseth himself has ever sat for a poly. doubt it based on his resume
From WSJ tonight:
“I’ll hook you up to a fucking polygraph!” Hegseth shouted at Adm. Christopher Grady, the then-acting Chairman of the Joint Chiefs of Staff.
Free link ⤵️
www.wsj.com/politics/nat...
Exclusive | Polygraph Threats, Leaks and Infighting: The Chaos Inside Hegseth’s Pentagon
Defense secretary has chastised top military officers and staffers as he seeks to quiet a storm he helped create
www.wsj.com
April 25, 2025 at 11:26 AM
Nice sentiment but he was perfectly fine giving up on Hong Kong last time around.
From the WSJ Ed Board: “As Korean War historian T.R. Fehrenbach put it, there are tigers in the world. And you can’t deal with a tiger by soliciting his perspective on his hunger. Mr. Trump can’t want his legacy to be handing Ukraine to Mr. Putin...” www.wsj.com/opinion/russ...
Opinion | A Moment of Truth in Ukraine
The missile strike on civilians is clarifying about the war’s causes.
www.wsj.com
April 25, 2025 at 10:50 AM
@microsoft.com please make your AI realize that if i have multiple outlook tabs open that i dont need 5 million chimes when i get a new notification
April 24, 2025 at 2:57 PM
in case you need a new slide for your "AI risks" slide deck
April 24, 2025 at 2:14 PM