Reposted by Cyber-Chicken
Congrats to Casimiro! Friday's winner of three free months in my Analyst Skills Vault! networkdefense.co/skillsvault
Each day of the sale, one person who uses this discount code will be randomly selected to win!
Each day of the sale, one person who uses this discount code will be randomly selected to win!
November 29, 2025 at 2:25 PM
Congrats to Casimiro! Friday's winner of three free months in my Analyst Skills Vault! networkdefense.co/skillsvault
Each day of the sale, one person who uses this discount code will be randomly selected to win!
Each day of the sale, one person who uses this discount code will be randomly selected to win!
Reposted by Cyber-Chicken
Talks from the r2con 2025 security conference, which is taking place over the weekend, are available on YouTube:
www.youtube.com/@radareorg/p...
www.youtube.com/@radareorg/p...
radareorg
Your favourite conference around the tool radare2
www.youtube.com
October 25, 2025 at 5:29 PM
Talks from the r2con 2025 security conference, which is taking place over the weekend, are available on YouTube:
www.youtube.com/@radareorg/p...
www.youtube.com/@radareorg/p...
Reposted by Cyber-Chicken
An iPhone app called ICEBlock, which allows anyone to lawfully and anonymously report ICE sightings and get notified about nearby ICE agents, went viral overnight after criticism from the US Attorney General.
FYI: The app doesn't collect or store user data. (I checked by doing a traffic analysis.)
FYI: The app doesn't collect or store user data. (I checked by doing a traffic analysis.)
ICEBlock, an app for anonymously reporting ICE sightings, goes viral overnight after Bondi criticism | TechCrunch
The citizen app for anonymously reporting ICE agents and raids went viral after criticism from the U.S. Attorney General.
techcrunch.com
July 1, 2025 at 10:13 PM
An iPhone app called ICEBlock, which allows anyone to lawfully and anonymously report ICE sightings and get notified about nearby ICE agents, went viral overnight after criticism from the US Attorney General.
FYI: The app doesn't collect or store user data. (I checked by doing a traffic analysis.)
FYI: The app doesn't collect or store user data. (I checked by doing a traffic analysis.)
Reposted by Cyber-Chicken
#TMSGNL, a chat app by a US-Israeli firm used by Trump officials, has halted operations after a hacker accessed messages and backend data.
Read: hackread.com/telemessage-...
#CyberSecurity #TeleMessage #Privacy #Breach #Trump
Read: hackread.com/telemessage-...
#CyberSecurity #TeleMessage #Privacy #Breach #Trump
Chat App Used by Trump Admin Suspends Operation Amid Hack
Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread
hackread.com
May 5, 2025 at 9:34 PM
#TMSGNL, a chat app by a US-Israeli firm used by Trump officials, has halted operations after a hacker accessed messages and backend data.
Read: hackread.com/telemessage-...
#CyberSecurity #TeleMessage #Privacy #Breach #Trump
Read: hackread.com/telemessage-...
#CyberSecurity #TeleMessage #Privacy #Breach #Trump
Reposted by Cyber-Chicken
Sharing for the night crew. The MalChela YARA & Malware Analysis toolkit now has a GUI. But there’s much more than that. An updated fileanalyzer module, 15 new detections in mstrings and 3rd party tool integrations.
GitHub: github.com/dwmetz/MalCh...
Blog: bakerstreetforensics.com/2025/04/25/m...
GitHub: github.com/dwmetz/MalCh...
Blog: bakerstreetforensics.com/2025/04/25/m...
April 26, 2025 at 1:48 AM
Sharing for the night crew. The MalChela YARA & Malware Analysis toolkit now has a GUI. But there’s much more than that. An updated fileanalyzer module, 15 new detections in mstrings and 3rd party tool integrations.
GitHub: github.com/dwmetz/MalCh...
Blog: bakerstreetforensics.com/2025/04/25/m...
GitHub: github.com/dwmetz/MalCh...
Blog: bakerstreetforensics.com/2025/04/25/m...
Reposted by Cyber-Chicken
SilentPush has published a profile of Chinese cybercrime group Smishing Triad.
The group is massive, with operations across 121 countries.
The report also looks at the group's new phishing kit, named Lighthouse.
www.silentpush.com/blog/smishin...
The group is massive, with operations across 121 countries.
The report also looks at the group's new phishing kit, named Lighthouse.
www.silentpush.com/blog/smishin...
April 10, 2025 at 5:39 PM
SilentPush has published a profile of Chinese cybercrime group Smishing Triad.
The group is massive, with operations across 121 countries.
The report also looks at the group's new phishing kit, named Lighthouse.
www.silentpush.com/blog/smishin...
The group is massive, with operations across 121 countries.
The report also looks at the group's new phishing kit, named Lighthouse.
www.silentpush.com/blog/smishin...
Reposted by Cyber-Chicken
🚨 THREAT REPORT: Silent Push Threat Analysts confirm the evolving threat actor Scattered Spider is actively targeting high-profile organizations in 2025.
Read: hubs.ly/Q03gl0kx0
Targets: Chick-fil-A, Credit Karma, Forbes, Nike, T-Mobile and more... 🎯
#scatteredspider #cyberattack #phishing #CTI
Read: hubs.ly/Q03gl0kx0
Targets: Chick-fil-A, Credit Karma, Forbes, Nike, T-Mobile and more... 🎯
#scatteredspider #cyberattack #phishing #CTI
Scattered Spider: Still Hunting for Victims in 2025
Silent Push has discovered the evolving threat Scattered Spider is still hunting for victims in 2025, targeting brands and services.
hubs.ly
April 8, 2025 at 3:46 PM
🚨 THREAT REPORT: Silent Push Threat Analysts confirm the evolving threat actor Scattered Spider is actively targeting high-profile organizations in 2025.
Read: hubs.ly/Q03gl0kx0
Targets: Chick-fil-A, Credit Karma, Forbes, Nike, T-Mobile and more... 🎯
#scatteredspider #cyberattack #phishing #CTI
Read: hubs.ly/Q03gl0kx0
Targets: Chick-fil-A, Credit Karma, Forbes, Nike, T-Mobile and more... 🎯
#scatteredspider #cyberattack #phishing #CTI
Reposted by Cyber-Chicken
Oracle has a serious, customer impacting security incident playing out in Oracle Classic, a cloud SaaS service they manage. They're attempting to deny it by saying there's no problem in "Oracle Cloud", which is wordplay. doublepulsar.com/oracle-attem...
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
Being a provider of cloud SaaS (Software-as-a-service) solutions requires certain cybersecurity responsibilities — including being…
doublepulsar.com
March 31, 2025 at 2:31 PM
Oracle has a serious, customer impacting security incident playing out in Oracle Classic, a cloud SaaS service they manage. They're attempting to deny it by saying there's no problem in "Oracle Cloud", which is wordplay. doublepulsar.com/oracle-attem...
Reposted by Cyber-Chicken
Revamped and updated my Amazon list for Digital Forensic go-kit hardware, take a look! #DFIR amzn.to/4bUgDXj
March 16, 2025 at 3:39 PM
Revamped and updated my Amazon list for Digital Forensic go-kit hardware, take a look! #DFIR amzn.to/4bUgDXj
Reposted by Cyber-Chicken
New Akira decryption method found: tinyhack.com/2025/03/13/d...
Works only with Akira 2024 variants.
Code: github.com/yohanes/akir...
Works only with Akira 2024 variants.
Code: github.com/yohanes/akir...
Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs
I recently helped a company recover their data from the Akira ransomware without paying the ransom. I'm sharing how I did it, along with the full source code.
The code is here: https://github.com/y...
tinyhack.com
March 15, 2025 at 11:02 PM
New Akira decryption method found: tinyhack.com/2025/03/13/d...
Works only with Akira 2024 variants.
Code: github.com/yohanes/akir...
Works only with Akira 2024 variants.
Code: github.com/yohanes/akir...
Reposted by Cyber-Chicken
A new report from Forescout Research's Vedere Labs details the tactics, techniques, and procedures (TTPs) used by Mora_001, along with recommended detection and mitigation strategies. www.forescout.com/blog/new-ran...
March 14, 2025 at 10:37 AM
A new report from Forescout Research's Vedere Labs details the tactics, techniques, and procedures (TTPs) used by Mora_001, along with recommended detection and mitigation strategies. www.forescout.com/blog/new-ran...
Reposted by Cyber-Chicken
A security researcher known as Buherator has published a write-up and PoC for an Apache Tomcat remote code execution vulnerability (CVE-2025-24813) patched this week
scrapco.de/blog/analysi...
lists.apache.org/thread/j5fkj...
scrapco.de/blog/analysi...
lists.apache.org/thread/j5fkj...
March 12, 2025 at 9:24 PM
A security researcher known as Buherator has published a write-up and PoC for an Apache Tomcat remote code execution vulnerability (CVE-2025-24813) patched this week
scrapco.de/blog/analysi...
lists.apache.org/thread/j5fkj...
scrapco.de/blog/analysi...
lists.apache.org/thread/j5fkj...
Reposted by Cyber-Chicken
Google's Mandiant team has released GoStringUngarbler, a Python CLI tool to automatically decrypt strings found in garble-obfuscated Go binaries
cloud.google.com/blog/topics/...
github.com/mandiant/gos...
cloud.google.com/blog/topics/...
github.com/mandiant/gos...
March 9, 2025 at 1:14 PM
Google's Mandiant team has released GoStringUngarbler, a Python CLI tool to automatically decrypt strings found in garble-obfuscated Go binaries
cloud.google.com/blog/topics/...
github.com/mandiant/gos...
cloud.google.com/blog/topics/...
github.com/mandiant/gos...