campuscodi.risky.biz
☆ Cybersecurity reporter ★ Newsletters at Risky Business #infosec #cybersecurity https://risky.biz
2,049 posts 11,382 followers 376 following

1/2 Telegram, a messenger app known for facilitating child sex abuse, arms dealing, terrorism and drug smuggling, has repeatedly been found to have links with the Russian FSB. Nevertheless, its owner, Pavel Durov, claims to be a freedom fighter opposed to the Kremlin - yet he is able to enter and exit

- Russian hackers abuse app-specific passwords to bypass MFA
- Viasat identified as 10th Salt Typhoon victim
- Predatory Sparrow hacks Iranian crypto-exchange
- Argentina arrests Russian disinfo gang
- Passkeys for Meta apps
Podcast: risky.biz/RBNEWS440/
Newsletter: news.risky.biz/risky-bullet...

Ooof RCE in BeyondTrust Remote Support (née Bomgar): www.resillion.com/la...

I’m hearing from people on the ground that ICE is just dragging people out of Home Depot, Costco, churches, homeless shelters and other places today all over Los Angeles. Men, women, children, citizens, legal immigrants…just getting hauled away with no warning. This is so wrong.

New DDoS record reported by Cloudflare, which claims it blocked a 7.3 Tbps attack, one full terabit larger than the one seen by Brian Krebs last month blog.cloudflare.com/defending-th...

The UK NCSC has published two new malware reports, both PDFs:
- UMBRELLA STAND - Malware targeting Fortinet devices: www.ncsc.gov.uk/static-asset...
- SHOE RACK - A post-exploitation tool for remote shell access & TCP tunnelling through a victim device: www.ncsc.gov.uk/static-asset...

"The far-right former president is accused of using Brazil’s intelligence agency to conduct illegal spying." Using Cognyte's FirstMile product which is an SS7 geolocation. Previously known as SkyLock www.aljazeera.com/news/2025/6/...

🚨NEW REPORT: exposing clever new hacking tactic. 🇷🇺Russian state-backed hackers used an App-Specific Password attack against prominent Russia expert @keirgiles.bsky.social It's like they knew what we all expect from 🇷🇺...and then did the opposite 1/ By us @citizenlab.ca & Google's GTIG

JD Vance isn't in the top 20 blocked accounts yet. We can do better.

North Koreans reportedly host fake Zoom meeting featuring multiple deepfake colleagues. Target’s microphone doesn’t work so the colleagues talk them through installing malicious fix. www.huntress.com/blog/inside-...

Intel471 has published a profile on Tinker, a member of the Black Basta group who operated call centers, drafted phishing content, and strong-armed ransomware victims into paying intel471.com/blog/a-look-...

Predatory Sparrow has dumped the Nobitex crypto platform source code on Telegram. They previously stole $90mil worth of assets in a hack yesterday t.me/gonjeshkdara...

Shit I missed a Jerk off guy?

Per a new Cybereason report, together with DragonForce, the Qilin ransomware service is one of the biggest and most active RaaS platforms these days www.cybereason.com/blog/threat-...

Academics published research on FPTrace, a system to detect browser fingerprinting online. While not new, the research finds that the practice is more widely used than before, especially after Google threatened to remove 3rd-party cookies engineering.tamu.edu/news/2025/06...

New Zealand has adopted minimum cybersecurity standards for government agencies. The new standards will apply from October 30. www.ncsc.govt.nz/resources/mi...

Cyber threat intelligence has evolved primarily as a private domain driven by cyber security vendors and researchers. Is this about to change? My reflections on several recent publications about whether threat intelligence is becoming 'nationalized' fromcyberia.substack.com/p/nationaliz...

excited bc today @huntress.com is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!! 🤠 we've observed 8 new pieces of macOS malware from implants to infostealers! and they're actually good (for once)! www.huntress.com/blog/inside-...

For all you insomniacs: have you blocked JD Vance yet? He’s moved past Brianna Wu. You can get him to the top spot. It’s a worthwhile collective effort.

The US government has seized more than $225.3 million in cryptocurrency stolen through crypto investment scams. The sum represents the largest cryptocurrency seizure against crypto scam operations in US history. www.justice.gov/opa/pr/unite...

The DOJ is fighting a decision that banned it from using cell phone tower dumps www.courtwatch.news/p/exclusive-...

Malaysia obtains local court order against Telegram for allegedly spreading harmful content reut.rs/45ACthL

DHS says Chinese tech firms are "smuggling" signal jammers in the US www.dhs.gov/news/2025/06...

I post my "Bluesky is dying" article on Twitter and sit back smugly as it's shown to 274 of my 80,000 followers, receiving two likes, one retweet, and an anime avatar called lolitas1488 telling me my inferior skullshape means I belong in the camps.

The current view from Israeli cyber firm Check Point is they are currently seeing very little significant and successful Iranian activity.

"By 2029, 10% of global boards will use AI guidance to challenge executive decisions that are material to their business." "By 2027, 50% of business decisions will be augmented or automated by AI agents for decision intelligence." www.gartner.com/en/newsroom/...

Viasat identified as 10th Salt Typhoon victim Previous ones included: Verizon, AT&T, T-Mobile, Spectrum, Lumen, Consolidated Communications, Windstream, Comcast, and Digital Realty www.bloomberg.com/news/article...

US intel community "assesses that Israel’s campaign so far had set Iran’s nuclear work back by about 5 to 6 months, the senior US intelligence official said, adding that the damage could grow as Israel’s campaign continues." Only 5-6 mos? Stuxnet also set Iran's nuclear program back about 5-6 months

I think a lot of journalists and politicians thought that coming to Bluesky would get them praised and worshipped like it was 2017 Twitter and the fact that didn’t instantly happen has absolutely broken their brains

Kremlin-backed Matryoshka bots attack Armenian PM Pashinyan, falsely accuse him of ignoring genocide, taking strong tranquilizers The Bot Blocker Project @antibot4navalny.bsky.social believes the smear campaign against Pashinyan is timed with his visit to Ankara.

Believe it or not, I started looking into Crushmate/CrushAI a year ago! And just got too busy with other projects. But with Meta announcing they are suing Joy Timeline, one of the entities linked to CrushAI's nudify ads, we were ready to hit publish on our investigation. Check it out!

more from me, @wxs.bsky.social (wxsbot), & @jsrailton.bsky.social about the ASP phishing attempts in this great piece by @timstarks.bsky.social. & kudos to @keirgiles.bsky.social for bringing attention to this, especially since it is targeting individuals vs orgs!

HACK ALERT - Several of my email accounts have been targeted with a sophisticated account takeover that involved impersonating the US State Department. More on the how, what and when later (including how to prevent similar attacks in the future), but for now - [1/5]

Novel phishing tactic used App Secure Passwords to bypass MFA + take over @keirgiles.bsky.social email accounts. Giles to me: Attack reveals "massive security hole in Gmail,” flaw is "like investing heavily in locks for your front door, but leaving the window open" therecord.media/keir-giles-r...

The DOJ announces the seizure of $225.3M in crypto, the largest-ever US seizure of cryptocurrency linked to confidence schemes known as "pig butchering" (MacKenzie Sigalos/CNBC)

Write normally about Bluesky challenge level: impossible

- Chrome gets a new prompt to prevent sneaky local network attacks
- Chinese ransomware gang detained in Thailand
- 100-year-old napkin company goes under after ransomware attack
- Israel-linked hackers claim Iran bank disruption
Newsletter: news.risky.biz/risky-bullet...
Podcast: risky.biz/RBNEWS439/

These guys are fascinating and yet technical details are about as robust as what we have to go on for Salt Typhoon

Double scoop: We got to talk to Brett Leatherman about his new role as head of the FBI's Cyber Division, and we broke the news of the latest Salt Typhoon victim to be identified, satellite comms company Viasat: www.bloomberg.com/news/article...

It got worse: