Eugenio Benincasa
@euben.bsky.social
Cyber Defense Researcher @ethz.ch. Former Italian govt, Pacific Forum and NYPD. LUISS & Columbia University Alum.
euben.bsky.social
Can’t wait for this :)
bindinghook.bsky.social
⚡Meet our Lightning Talk speakers at #BindingHookLive: @euben.bsky.social, @melissakgriffith.bsky.social, @benread.bsky.social, @disclosing.observer, Lena Riecke and Selena Larson! Request your invite: bindinghooklive.com
euben.bsky.social
Microsoft is probing whether a MAPP leak let Chinese hackers exploit a SharePoint vuln pre-patch.

In this new piece for Natto,
@dakotaindc.bsky.social, @meidanowski.bsky.social & I dig into:
🏛️ China's vuln reporting rules
📉 Which firms joined/left MAPP since 2018
⚠️ The risks today’s members pose
Reposted by Eugenio Benincasa
rjgallagher.co.uk
New: Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in SharePoint before they were patched, enabling a global campaign of cyberattacks, according to people familiar: www.bloomberg.com/news/article...
Microsoft Probing If Chinese Hackers Learned of Flaws Via Alert
Microsoft Corp. is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, acc...
Reposted by Eugenio Benincasa
780thmibdecyber.bsky.social
Before Vegas – The “Red Hackers” Who Shaped China’s Cyber Ecosystem (Center for Security Studies at ETH Zürich): css.ethz.ch/content/dam/...
euben.bsky.social
6/ Sincerely grateful to the all-star team of experts who shared their insights and feedback: Scott Henderson (Google Mandiant), Adam Kozy (SinaCyber), @meidanowski.bsky.social (@nattothoughts.bsky.social), @thegrugq.bsky.social, @Chris St.Myers (SentinelOne), & Charles Li and Zha0 (TeamT5)
euben.bsky.social
5/ The key lesson: what begins in anonymous forums can end in boardrooms and on digital battlefields. Overlooking civilian hacking talent is a strategic risk.
euben.bsky.social
3/ Some Red 40 hackers have carried out operations on behalf of China’s military and intelligence services. Their informal networks, formed during their teens or twenties as members of the same hacking groups, exemplify the tool sharing and collab that underpin China’s APTs’ MO.
euben.bsky.social
2/ It identifies 40 prominent red hackers — “The Red 40” — who shaped China’s cyber ecosystem from the ground up. It tells the story of how these individuals transitioned from online forums to becoming part of a tightly integrated ecosystem.

Full report:
css.ethz.ch/en/center/CS...
euben.bsky.social
1/ China’s cyber capabilities didn’t start top-down, they started with raw hacking talent. The new CSS/ETH report "Before Vegas" traces how informal talent shaped China’s cyber ecosystem, moving from online forums to industry leaders (link in thread).
euben.bsky.social
haha haven't spent too much time around here
euben.bsky.social
Thank you 🙏 really appreciate it!
euben.bsky.social
Thank you! I’d definitely add Alex Joske’s “Spies and Lies” to the book list
euben.bsky.social
Thank you! Looking forward to hearing your thoughts on it
euben.bsky.social
Fully agree, Patrick. I also love his work. He was very kind to review the report and provide feedback before publication 😊
Reposted by Eugenio Benincasa
kimzetter.bsky.social
How did China's top APT hackers come to be? Many were early "Honkers" - patriotic hackers who in late 90s launched low-skill cyberattacks against nations deemed disrespectful to China. But once Honkers developed their skills, PLA/MSS came calling. Based on great research by bsky.app/profile/eube...
How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyber Spies
A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus.
Reposted by Eugenio Benincasa
shashj.bsky.social
I wrote on the arrest in Italy of Xu Zewei, an alleged Chinese hacker, perhaps the first case where America has sought to extradite a Chinese hacker for mainly or exclusively cyber operations—in this case theft of Covid research during the pandemic. www.economist.com/china/2025/0...
America is coming after Chinese it accuses of hacking
Xu Zewei was arrested in Milan on July 3rd
Reposted by Eugenio Benincasa
winnona.bsky.social
“alignment with CCP priorities offers privileged access to state resources, regulatory favor, and expanded commercial opportunities [to hackers]."

NEW Phenomenal report on Chinese civil military fusion and cyber militias by Kieran Green: margin.re/mobilizing-c...
Mobilizing Cyber Power: The Growing Role of Cyber Militias in China’s Network Warfare Force Structure
This report examines how China’s cybersecurity industry fields reserve and militia units in support of the PLA and national mobilization system.
Reposted by Eugenio Benincasa
winnona.bsky.social
🚨 NEW PAPER on the 0day Supply Chain 🚨:
I gathered open source data & interviewed Gov employees, VR and China researchers to figure out what the zero day marketplace looks like in the U.S. and how it compares to China.

key findings below ⬇️- 0/🧵 
www.atlanticcouncil.org/in-depth-res...
Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace
If the United States wishes to compete in cyberspace, it must compete against China to secure its offensive cyber supply chain.
euben.bsky.social
I think European countries are struggling even to allow government teams to do this kind of work, so extending it to broader private sector involvement seems unlikely to me as things stand