Alex Lanstein
@lanstein.bsky.social
threaty threats -- helping build research workflows into a soc product, but I don't speak for them on this acct. pretty good at bash scripts and strings. disclosures on my linkedin below
https://www.linkedin.com/in/alexlanstein/
https://www.linkedin.com/in/alexlanstein/
@michaelsantoli.bsky.social has anyone guessed who it is in your mentions? i'm bizarrely excited about this, after following his calls for what seems like more than a decade on fintwit
December 29, 2025 at 9:00 PM
@michaelsantoli.bsky.social has anyone guessed who it is in your mentions? i'm bizarrely excited about this, after following his calls for what seems like more than a decade on fintwit
Between the pats being unavailable in Boston today, and having to pay 17 dollars for peacock, even tho I pay for fios, I'm finally done with cable tv. Cutting the cord tomorrow, and I doubt I'll save any money.
December 28, 2025 at 5:54 PM
Between the pats being unavailable in Boston today, and having to pay 17 dollars for peacock, even tho I pay for fios, I'm finally done with cable tv. Cutting the cord tomorrow, and I doubt I'll save any money.
Hadn't considered this angle tbh
will also add - yes, this is my personal crusade - that turning podcasts into videos implicitly asks women to once again make more effort than men, as the bar for "camera-ready" for one gender is obviously higher than for the other
‘Painful to hear!’ How podcasts’ rush to video is turning them into dreadful listens
December 27, 2025 at 12:24 PM
Hadn't considered this angle tbh
@tracyalloway.bsky.social and @weisenthal.bsky.social did an awesome pod about this open.spotify.com/episode/3tDz...
I'm shocked how many people purchase this stuff post New England Compounding
I'm shocked how many people purchase this stuff post New England Compounding
December 25, 2025 at 6:48 PM
@tracyalloway.bsky.social and @weisenthal.bsky.social did an awesome pod about this open.spotify.com/episode/3tDz...
I'm shocked how many people purchase this stuff post New England Compounding
I'm shocked how many people purchase this stuff post New England Compounding
All this because tom cotton got fooled by an online troll with a bad Photoshop
Trump: "We need Greenland for national protection. They have a very small population. They say Denmark, but Denmark has spent no money. They have no military protection. They say Denmark was there 300 years ago or something with a boat. Well, we were there with boats too I'm sure."
December 23, 2025 at 12:54 AM
All this because tom cotton got fooled by an online troll with a bad Photoshop
new one from our labs folks on #unc1151 targeting Poland and Ukraine #apt strikeready.com/blog/captch-...
Captch-ya if you can
UNC1151 has operated with a higher operational tempo in 2025, and in this blog, Labs shows how to track this actor, by surfacing two clusters of activity, and tying it to previously attributed samples...
strikeready.com
December 11, 2025 at 8:18 PM
new one from our labs folks on #unc1151 targeting Poland and Ukraine #apt strikeready.com/blog/captch-...
RIP to the great Steve Cropper, lead guitar in Murph and the MagicTones, and a few other songs you might know open.spotify.com/album/4cO51K...
December 5, 2025 at 8:17 PM
RIP to the great Steve Cropper, lead guitar in Murph and the MagicTones, and a few other songs you might know open.spotify.com/album/4cO51K...
i cannot believe these schmucks are going to be talking about portion markings again. and that secdef doesn't know when to use / vs //
December 4, 2025 at 5:12 PM
i cannot believe these schmucks are going to be talking about portion markings again. and that secdef doesn't know when to use / vs //
would have been interested to see this KVM setup and how they could close the door
December 4, 2025 at 5:08 PM
would have been interested to see this KVM setup and how they could close the door
Reposted by Alex Lanstein
*BESSENT: NEXT YEAR IS GOING TO BE THE YEAR FOR MAIN STREET
December 2, 2025 at 5:55 PM
*BESSENT: NEXT YEAR IS GOING TO BE THE YEAR FOR MAIN STREET
A surprising amount of detail from the agents responsible for investigating this one. Great listen if you want the inside baseball
New @secretsandspies.bsky.social is out! I spoke with former FBI Special Agent Jim Gaylord about his book Chasing Chi, the Chi Mak spy ring, and what the case reveals about China’s espionage threat now.
🎧 pod.fo/e/35c7dc
🎥 youtu.be/OxzTwaS5W5M
🎧 pod.fo/e/35c7dc
🎥 youtu.be/OxzTwaS5W5M
November 30, 2025 at 4:22 AM
A surprising amount of detail from the agents responsible for investigating this one. Great listen if you want the inside baseball
really cool story -- great blog pfpt. 7-day perma link www.bloomberg.com/news/article...
November 20, 2025 at 9:39 PM
really cool story -- great blog pfpt. 7-day perma link www.bloomberg.com/news/article...
"Kindness is costless, as well as priceless" - from buffett's new Thanksgiving letter www.businesswire.com/news/home/20...
www.businesswire.com
November 10, 2025 at 5:36 PM
"Kindness is costless, as well as priceless" - from buffett's new Thanksgiving letter www.businesswire.com/news/home/20...
One of the most disturbing things I've ever seen big tech be responsible for -- and I worked at Facebook.
How incredibly fucked.
November 7, 2025 at 2:31 AM
One of the most disturbing things I've ever seen big tech be responsible for -- and I worked at Facebook.
Reposted by Alex Lanstein
New Iran drop from me tracking an attribution nightmare - UNK_SmudgedSerpent! A little Charming, a little Muddy, and a lot C5. Targeting policy experts with benign conversation starters, health-themed infra, OnlyOffice spoofs, and RMMs. Check out the full story www.proofpoint.com/us/blog/thre...
Crossed wires: a case study of Iranian espionage and attribution | Proofpoint US
Proofpoint would like to thank Josh Miller for his initial research on UNK_SmudgedSerpent and contribution to this report. Key findings Between June and August 2025,
www.proofpoint.com
November 5, 2025 at 1:37 PM
New Iran drop from me tracking an attribution nightmare - UNK_SmudgedSerpent! A little Charming, a little Muddy, and a lot C5. Targeting policy experts with benign conversation starters, health-themed infra, OnlyOffice spoofs, and RMMs. Check out the full story www.proofpoint.com/us/blog/thre...
Ok I think this is the top
NVIDIA AND KAZAKHSTAN SIGN MOU WORTH UP TO $2 BILLION FOR ADVANCED AI CHIPS
November 6, 2025 at 8:42 PM
Ok I think this is the top
says the guys who threatened to invade Greenland and Panama. What schmucks we have
Bessent: "I've read that Ontario is spending up to $75 million on these advertisements and it's propaganda coming across our border to decry the tariffs. The premiere of Ontario seems to have come off the rails a little ... this is interference in US sovereign matters."
October 26, 2025 at 4:31 PM
says the guys who threatened to invade Greenland and Panama. What schmucks we have
i heard my kids singing about "APT"s and i was sorely disappointed www.youtube.com/watch?v=ekr2...
ROSÉ & Bruno Mars - APT. (Official Music Video)
YouTube video by ROSÉ
www.youtube.com
October 24, 2025 at 2:46 PM
i heard my kids singing about "APT"s and i was sorely disappointed www.youtube.com/watch?v=ekr2...
If my house ever gets raided I hope they give this treatment to my box of old cables. those things will be valuable some day
October 23, 2025 at 5:48 PM
If my house ever gets raided I hope they give this treatment to my box of old cables. those things will be valuable some day
Learn to hunt part 4: follow along to learn some of our recent VT pivots that have yielded interesting results strikeready.com/blog/finding...
Finding the Unknown Unknowns, Part 4 (NilePhish, SneakyChef, Muddy Water, and a bonus unc)
Follow along as StrikeReady Labs highlights four techniques that were useful to surface four different clusters of targeted threat activity in 2025
strikeready.com
October 21, 2025 at 4:41 PM
Learn to hunt part 4: follow along to learn some of our recent VT pivots that have yielded interesting results strikeready.com/blog/finding...
Between the Ontario anti tariff ad and the tweezer bumper music, good off field entertainment
October 21, 2025 at 1:49 AM
Between the Ontario anti tariff ad and the tweezer bumper music, good off field entertainment
Reposted by Alex Lanstein
Quite a bit of CN APT activity in europe in the past week
strikeready.com/blog/cn-apt-...
As always, if you're interested in tuning your skills, download the samples here github.com/StrikeReady-...
strikeready.com/blog/cn-apt-...
As always, if you're interested in tuning your skills, download the samples here github.com/StrikeReady-...
CN APT targets Serbian Government
Mustang Panda continues targeting European governments
strikeready.com
October 3, 2025 at 2:30 PM
Quite a bit of CN APT activity in europe in the past week
strikeready.com/blog/cn-apt-...
As always, if you're interested in tuning your skills, download the samples here github.com/StrikeReady-...
strikeready.com/blog/cn-apt-...
As always, if you're interested in tuning your skills, download the samples here github.com/StrikeReady-...
Reposted by Alex Lanstein
Spearphishing the news: sidewinder using the Nepal protests as APT lures strikeready.com/blog/sidewin...
Sidewinder APT leverages Nepal protests to push mobile malware
Sidewinder APT is leveraging the ongoing turmoil in Nepal to distribute mobile malware.
strikeready.com
September 12, 2025 at 4:24 PM
Spearphishing the news: sidewinder using the Nepal protests as APT lures strikeready.com/blog/sidewin...
8 digit ICQ number
Age verification? The first time I saw The Simpsons was on The Tracey Ullman Show.
Age verification? I audiotaped network TV shows with a cassette recorder.
September 10, 2025 at 2:38 AM
8 digit ICQ number
These folks continue to put out awesome research. Note that this appears separate than the other large streaming takedown this week of streameast
NEW THREAT REPORT 🚨 Massive IPTV network uncovered by Silent Push.
Read full investigation: www.silentpush.com/blog/iptv-pi...
Enterprise Users can access our Bulk Data Exports of IPTV piracy indicators to support their investigations.
#CTI #Netflix #PrimeVideo #NBA #AppleTV #piracy
Read full investigation: www.silentpush.com/blog/iptv-pi...
Enterprise Users can access our Bulk Data Exports of IPTV piracy indicators to support their investigations.
#CTI #Netflix #PrimeVideo #NBA #AppleTV #piracy
Massive IPTV Piracy Network Uncovered by Silent Push
Silent Push uncovered a massive IPTV-based piracy network, hosted across 1,000+ domains and 10,000+ IPs, affecting more than 20 major brands.
hubs.ly
September 4, 2025 at 8:57 AM
These folks continue to put out awesome research. Note that this appears separate than the other large streaming takedown this week of streameast