hultquist.bsky.social
Mandiant Intelligence at Google. CYBERWARCON and SLEUTHCON founder. Johns Hopkins professor. Army vet.
163 posts 8,808 followers 307 following

Last day to get your @sleuthcon.bsky.social tickets!!!

access handoffs

Researchers at Google said a prolific cybercrime group is tricking companies into giving them access to a Salesforce tool, allowing them to steal data and extort the organizations. therecord.media/google-warns...

RED ALERT THIS IS NOT A DRILL REPEAT RED ALERT, SNACK WRAP COMING BACK IN JUST OVER 1 MONTH *MCDONALD'S SAYS SNACK WRAP TO RETURN TO US ON JULY 10

We’re hunting spies.

Last week to get your @SLEUTHCON tickets!

Sorry I’m not home right now I’m launching the spiderweb

Is that five airbases?

NEW | Pictures are emerging of the preparation of the operation Ukraine carried out today, using drones inside trucks. Ukrainian sources suggest the attack has been in the works for the past year and a half.

The asymmetry here is staggering. Not my area here, but not sure how any exposed airframe is gonna be able to survive an attack by swarm. The cost of destroying them is just too relatively low. A million dollar op vs a billion dollar airframe is a smart investment.

SBU officials now say this was a coordinated attack on four Russian airfields: Belaya, Dyagilevo, Olenya and Ivanovo.

This is Olenya airbase - one of Russia’s key strategic aviation facilities, hosting aircraft capable of carrying nuclear weapon

Our latest investigation…

Finnish DM: Best way to counter hybrid action is to lay a red line somewhere. Threat will grow & grow. Doesn’t specify where red lines should lie or what consequences that crossing them should trigger. But Fr DM contests cyber attacks on a hospital v 300-400 hospitals (“act of war”) #sld25

Honest review of SLEUTHCON:

Next week it's CRIME TIME!

If you’ve been laid off from a cyber intel position, please reach out if you’d like to come to @sleuthcon.bsky.social.

From breach simulations to fantasy adventures, Skylar Simmons knows how to build a great scenario. Hear from Walmart’s deception and purple team lead at #SLEUTHCON 2025 www.sleuthcon.com #Cybersecurity #SLEUTHCON2025

Interlock ransomware hits network of over a dozen medical centers in Ohio, according to a ransom note reviewed by CNN. Elective inpatient and outpatient procedures have been canceled today: www.cnn.com/2025/05/20/p...

If there aren’t t-shirts with this art on it, what are we even doing. Best con art ever

See you there! 💕🐍

The @sleuthcon.bsky.social socks are in!

"US Navy 35mm presentation slides"

In light of the recent high-profile attacks on US and UK retail, we’re hosting a webinar next Wednesday on UNC3944, aka Scattered Spider. Get insight on the actor and expert advice on hardening the enterprise. www.brighttalk.com/webcast/7451...

John Mancuso is joining #SLEUTHCON 2025! Threat hunting. Malware reversing. Adversary tracking. He brings nearly 20 years of experience to the stage. Check out the other speakers + lineup! >>> www.sleuthcon.com #ThreatIntel #CyberDefense #MalwareAnalysis

Quoted in this @kevincollier.bsky.social piece on #cyber threats to US retailers, which highlights the reporting yesterday from @hultquist.bsky.social and the Google threat intel team on the UK attackers potentially shifting their focus across the pond: www.nbcnews.com/tech/securit...

BREAKING: Polish Prime Minister Tusk announced full certainty that the massive fire at Marywilska 44, a major wholesale center in Warsaw, was arson ordered by Russian intelligence.

From AMOS to full-on eCrime ecosystem player, macOS stealers have entered the chat. 🍎 Charlie Cullen + Maddie Stewart walk us through the evolution at #SLEUTHCON 2025! 🔗 www.sleuthcon.com #ThreatIntel #Cybercrime #macOSSecurity

Catch Charlie Cullen at #SLEUTHCON 2025 From macOS malware to ransomware ecosystems, his research spans platforms and languages. 🎟️ Save your spot >>> www.sleuthcon.com #Cybercrime #ThreatIntel #SLEUTHCON2025

Surprised to find out the Bojinka plot was 30 years ago. I hope we’re considering those lessons now when we review these sabotage incidents. www.theguardian.com/uk-news/2024...

If they’ll do it in meatspace, they’ll do it in cyberspace. therecord.media/uk-spies-see...

Don’t confuse the Ransomware-as-a-Service provider with the intrusion crew behind these incidents in the UK. The real driving force is probably the crew, who many have connected to Scattered Spider. Those guys love to tear through a sector, so shields up if you’re UK retail.

Alarm bells going off for sabotage in Europe. If they’ll do it in meatspace they’ll do it in cyberspace.

Meet Jon DiMaggio, Chief Security Strategist at Analyst1! Author of The Art of Cyberwarfare + The Ransomware Diaries, Jon’s undercover work infiltrating ransomware gangs has been featured on 60 Minutes, CNN, + more. Catch him at #SLEUTHCON2025! 🔗 sleuthcon.com

The French government confirms Olympics related activity tied to APT28 in lead up to Paris games. The era of Russian Olympics shenanigans has not yet ended. www.diplomatie.gouv.fr/fr/dossiers-...

I’m the last person to say Europe shouldn’t worry about cyberattacks on critical infrastructure, but we should approach individual incidents carefully and skeptically. Psychological impact is probably the chief motive of this activity. Let’s not do the adversary any favors.

TRBs are back! t.co/XArCSEHDYE

My daughter asked me what I used to play on the iPad as a kid. I told her, I used to talk into a fan to sound like a robot.