opalsec.io
Daily Cyber News Summaries, straight to your inbox 👉🏻 opalsec.io

Mandiant is now aware of multiple incidents in the airline sector that resemble Scattered Spider. The industry should button up its call centers where this actor has had a lot of success with social engineering. www.axios.com/2025/06/27/a...

mas.to/@statsguy/11... Google, this is why I can't trust your AI generated answers

I took a look at the changes to Microsoft Recall, which is rolling out to compatible Windows devices soon. Photographic memory that stores all your deleted messages, keystrokes etc 😅 doublepulsar.com/microsoft-re...

"Defense Secretary Pete Hegseth shared detailed information about forthcoming strikes in Yemen on March 15 in a private Signal group chat that included his wife, brother and personal lawyer, according to four people with knowledge of the chat." www.nytimes.com/2025/04/20/u...

In the midst of a Trade War - would China actually pull the trigger on destructive cyber attacks using known footholds (think Volt & Salt Typhoon) in US critical infrastructure? 🤔 We've taken a closer look at how this could - and has - unfolded: opalsec.io/is-cyber-a-l... #InfoSec #ThreatIntel

Chris Krebs (@thekrebscycle.bsky.social) is being politically persecuted, and in this week's Seriously Risky Business podcast @tom.risky.biz and I talk about why we're not expecting an outcry from angry cybersecurity executives FULL VIDEO: www.youtube.com/watch?v=1oSJ... AUDIO: risky.biz/SRB117/

In a last-minute switch, the #CISA said it will continue funding a contract for #MITRE to manage the CVE program and other vulnerability databases. via @derekbjohnson.bsky.social cyberscoop.com/cisa-reverse...

This makes no sense if you look at it from a targeting point of view. Why would the NSA even go after a sporting event? There isn't anything of worth for an intel op there. This looks like a political move, China falling for a false flag, or just a straight-up made-up case

@campuscodi.risky.biz did a great write-up on APT10's clever use of the Windows Sandbox to keep malware stealthy... running malware in Windows Sandbox via a scheduled task from a separate account is smart. You don't gotta hand it to 'em etc. risky.biz/risky-bullet...

Palo Alto looks at Slow Pisces, a North Korean APT and its recent campaign that targeted cryptocurrency developers on LinkedIn, posing as potential employers, and sending malware disguised as coding challenges. unit42.paloaltonetworks.com/slow-pisces-...

Noticed a bunch of these ornate gold medallions slapped all over the Oval Office. We found em on Alibaba. “High-density Home Decoration Polyurethane Appliques Ornament PU Foam Veneer Accessories” from seller Guangzhou Homemax Decorative Material Limited. sherwood.news/power/shop-t...

#Chinese law enforcement places #NSA operatives on wanted list over alleged #cyberattacks. The allegations, supported by the foreign ministry, are more specific and aggressive than usual and say the U.S. sought to disrupt the Asian Winter Games. via @timstarks.bsky.social youtu.be/SAPjQxbruL0?...

Dutch police study on ransomware: -companies with cyber insurance pay almost 2.8 times bigger ransoms than non-insured ones -95/100 have to pay ransomware groups or go bankrupt -those with backups paid ransoms 27 times less often cyberpolice.gov.ua/news/infikuv...

🚨 New ASR rules are now GA: ❌ Block rebooting in Safe Mode 🕵️‍♂️ Block copied/impersonated system tools ASRGEN had these since preview. 😎 Want to: ⚡ Quickly create Intune-ready ASR policies 🧪 Simulate and understand rule impacts Check → asrgen.streamlit.app Be proactive. Be precise.

I guess because like five of us are saying something, what was done to @thekrebscycle.bsky.social is an absolute injustice and a mockery of his selfless service. America no longer supports or protects critical infrastructure defenders. I hope someone else appreciates him a lot more.

Recent developments in the US suggest a troubling shift away from expert-driven cyber defense towards political expediency. From sidelined Russia operations to gutted agencies, we examine the evidence and the potential global fallout. Read our full analysis here: opalsec.io/eroding-foun...

This should be obvious!

there is no stock market collapse and looming recession in america

SVGs carrying obfuscated JS code to redirect users to phishing sites.... the new trend: sublime.security/blog/scripti... www.forcepoint.com/blog/x-labs/... asec.ahnlab.com/ko/87057/

Pictured: the place which is, according to the Trump White House, apparently imposing 10% tariffs on the United States. Note the total lack of any human settlements there.

We go now live to our economics editor who has broken out the good whiskey and seems to be playing with a revolver. How are the markets reacting Greg

Some personal news: new gig starting tomorrow. All I have to do is sit around a campfire. if I hear a noise, I stand up, look around, and say “must have been the wind.” Sounds pretty easy. Not sure why the last guy quit.

financial advice in a weird time: -- develop a plan -- find friends who support you -- preferably 10 of them -- steal $160 million from the Bellagio, the Mirage, and the MGM Grand -- yes those are Terry Benedict's casinos -- get your wife back -- one of the friends should be Don Cheadle btw simple

New Ivanti zero-day: forums.ivanti.com/s/article/Ap... Mandiant links it to a known Chinese APT (UNC5221): cloud.google.com/blog/topics/...

We've thrown out all the other babies with the bathwater, what's a few more 🤷🏻

Hacker Claims Twilio’s SendGrid Data Breach, Selling 848,000 Records hackread.com/hacker-twili...

🧵 Grab your beverage of choice ☕, because there's a LOT to recap from the last 24 hours. Check it out here 👉 opalsec.io/daily-news-u... There's a lot to digest, so here's a TL;DR on the key points: