Stefan Soesanto’s Tweets

So ... I wrote something about cyber deterrence. It encapsulates my explanation, critique, questions, and thinking on cyber deterrence. It also tries to explain what is attainable and what is not - and where we might go from here. airuniversity.af.edu/AUPress/Displa

Member of Hacking Group Sentenced for Scheme that Compromised Tens of

Catalin Cimpanu

@campuscodi

Denis Yarmak was sentenced today to five years in prison Yarmak was a member of the FIN7 group. More precisely, he was the guy who managed their JIRA 🤣

justice.gov

A Ukrainian man was sentenced today in the Western District of Washington to five years in prison for his criminal work in the hacking group FIN7.

FYI: I don't have a position on whether this op is acceptable behavior or not. All I know is that what is happening in Ukrainian and Russian cyberspace will not stay there.

lol😆

Quote Tweet

Gavin Wildе

@gavinbwilde

· 14h

GRU Takedown Awards

14h

I mean ... it's one thing to screw with a Russian company. It's quite another for a Ukrainian government sponsored group to target 1.5k Russian users with a fake app and then leak their names and emails.

Topics to follow

Carousel

14h

The IT Army claims to have breached a database of Rossgram beta sign-ups (Russian Instagram clone), then created a fake Rossgram app, send invites to said beta users, then pushed notifications out to those users that Rossgram was hacked and then leaked the data of the beta users

1:36

3.4K views

What has the world come to when you can't even trust murder-for-hire groups to not scam you on the dark web.

GIF

read image description

ALT

Quote Tweet

Catalin Cimpanu

@campuscodi

· Apr 6

Romanian law enforcement has searched the homes and detained five members of a criminal group who ran murder-for-hire websites on the dark web Romanian authorities intervened at the behest of US agencies to detain the group diicot.ro/mass-media/349

Show this thread

Ellen Nakashima

@nakashimae

U.S. government and energy firms close ranks, fearing Russian cyberattacks

NEW: Fearing Russian cyberattacks, U.S. and energy firms close ranks. I spent time with Berkshire Hathaway Energy in Iowa, seeing their plants and their inner sanctum ops center.

washingtonpost.com

After years of what critics saw as lip service, cybersecurity collaboration between the federal government and some critical industries has taken root, officials and industry leaders say, and it...

Selena

@selenalarson

Justice Department Announces Court-Authorized Disruption of Botnet

DOJ authorized disruption of Sandworm botnet, removing Cyclops Blink (VPNfilter replacement) from "thousands of infected network hardware devices"

justice.gov

Dustin Volz

@dnvolz

Apps With Hidden Data-Harvesting Software Are Banned by Google

Google has yanked dozens of apps from its Google Play store after determining that they include software that surreptitiously harvests data. The code is linked to U.S. national-security contractors, documents show

wsj.com

Code placed in consumer-facing apps is tied to U.S. national-security contractors, documents show.

In Cyberspace, Governments Don’t Know How to Count

For reference: I wrote about the problem of "counting" back in 2018

defenseone.com

NATO’s governments can’t agree on what constitutes a cyber attack, and that’s a big problem.

I still don't understand what

@dsszzi

is counting. Would be good if they could explain what incidents/vectors are included in the 198 number.

Quote Tweet

SSSCIP Ukraine

@dsszzi

· Apr 6

According to the @dsszzi analysis, the top 5 branches that suffer from #cyberattacks are central and local governments, the security and defense sector, commercial organizations, the financial sector, and telecom #Ukraine #WARINUKRAINE

I still remember this from back in 2003 and how outraged people in the US were.

swissinfo.ch

ICRC says PoW images breach Geneva Convention

The International Committee of the Red Cross (ICRC) has strongly criticised television footage showing prisoners of war in Iraq. The humanitarian organisation said the pictures were in violation of...

The IT Army has been defacing gazprom sites with pictures of Bucha. (I rarely see the IT Army using defacements as their tactic of choice as the impact is too short lived and miniscule. They only makes sense as a content mean to rally IT Army support)

Twitter won't recommend Russia govt accounts, will prohibit some POW content

Kind of mindblowing how slow Twitter has been reacting to violations of Article 13. Then again, I can't shake the eery feeling that Twitter management did it on purpose as a way to support the Ukrainian war effort

reuters.com

Twitter said on Tuesday it will not recommend Russian government accounts to users as part of a rule change affecting accounts run by states which limit access to the open internet and are engaged in...

Wordle but with CVEs. What the 🤣 cverdle.io

Joe Tidy

@joetidy

Hydra: How German police dismantled Russian darknet site

Hydra: How German police dismantled Russian darknet site. The Frankfurt prosecutor who led the operation tells me that taking down the infamous site gave his whole team “goosebumps�?.

bbc.co.uk

German police say illegal sales on the site amounted to at least £1bn a year

178

Martin Matishak

@martinmatishak

Around the horn with the U.S. Cyber Command chief

NEW: I sat through two congressional hearings with

@CYBERCOM_DIRNSA

so you didn't have to! Here are the highlights from today's double-feature testimony: therecord.media/around-the-hor On

@TheRecord_Media

therecord.media

U.S. Cyber Command chief Gen. Paul Nakasone made a pair of appearances before House and Senate lawmakers on Tuesday, offering insights on the latest digital threats to the nation and how his agency...

OFAC sanctions for looooots of Hydra related wallets

home.treasury.gov

Kevin Collier

@kevincollier

Hackers flood internet with what they say are Russian companies' files

New: Hacktivists (or at least people who present themselves as such) have been consistently flooded the zone with leaks from major Russian organizations since the invasion started. I tried to reckon with the information overload:

nbcnews.com

The leaks are part of a larger ecosystem of amateurs trying to help Ukraine’s war efforts with their own keyboards.

114

👀

Quote Tweet

Bandera Hackers

@BanderaHackers

· Apr 5

Взломали �?еть ро�?�?ий�?ких �?ертификационных агент�?тв и и�?пытательных лабораторий. Разрушили инфра�?труктуру, удалили 46ТБ данных включа�? бекапы, выгрузили в�?е данные из локальной CRM �?и�?темы, задефей�?или �?айты. #UkraineWar #UkraineWillResist #OpRussia #HackersAgainstPutin

Show this thread

Kevin Collier

@kevincollier

In a Zoom presser earlier today, UKR Telecom CIO Kirill Goncharuk said the hack on his ISP started with compromised credentials from an employee in a territory Russia recently occupied. Declined to address the potential implication that the employee was physically coerced.

126

206

Ep 114: HD

invented a hacking tool called Metasploit. He crammed it with tons of exploits and payloads that can be used to hack into computers. What could possibly go wrong? darknetdiaries.com/episode/114

191

774

Martin Matishak

@martinmatishak

Cyber Command chief: U.S. has 'stepped up' to protect Ukraine's networks

“We provided remote analytic support to Ukraine & conducted network defense activities aligned to critical networks from outside Ukraine — directly in support of mission partners,�?

@CYBERCOM_DIRNSA

said in testimony to the Senate Armed Services Committee.

therecord.media

U.S. Cyber Command chief Gen. Paul Nakasone said Tuesday that his organization has “stepped up�? its efforts to strengthen Ukraine’s networks and cyber defenses against Russian digital attacks since...

🤣😆

Quote Tweet

RBRU

@RUH4X0R

· Apr 4

Let's talk about #Liberator the #DDoS tool going around. We took a look at the tool and intercepted some traffic going out of the tool, we came to a highly suspicious VPS Server. Read the thread to see how uneducated the devs are #Ukraine #Russia #UkraineRussiaWar #RussianWar

Show this thread

Never forget that we are in the middle of an information war ... and your mind is the target.

According to the IT Army, Clearview identified 582 abandoned RU corpses through which they contacted relatives and friends. From a Russian view, one could argue that Clearview directly supports UKR information warfare operations.

The IT Army published a YT vid today in their Telegram channel. I won't link the vid cause it shows POWs. In it the IT Army shows the use of Clearview to identify dead RU soldiers, and how they go to the social media to send relatives and friends pics of the dead body & ID

Hack-A-Sat

@hack_a_sat

Time to hone your skills, quals is quickly approaching... Registration for the #HackASat3 Qualification Round opens THIS FRIDAY. #satellitesecurity #spacesecurity

The IT Army channel is steadily losing subscribers. First sign of disillusionment, repetitive tasking, boredom?

Pathless Road - Buckethead

Headphones on. Pathless Road. Let Monday begin

youtube.com

Pikes #102

CyberKnow

@Cyberknow20

Apr 3

🚨🚨Update 11. 4 APR. #cybertracker 🚨🚨 74 Groups: 48 Pro-Ukraine 23 Pro-Russia 3 UNK. Usual caveats apply. Thanks

@CuratedIntel

for info. #cybersecurity #ThreatIntelligence #Russiaukrainewar #UkraineRussiaWar #CyberAttack #infosec cyberknow.medium.com/update-11-2022

105

ЭКСКЛЮЗИВ! Дмитрий Щигель�?кий и Юлиана Шеметовец про движение...

Apr 2

The Stoprussiachannel picked up the news. It describes the Bandera Hackers as a "Ukrainian cyber group." (For context: According to the Ukrainian Ministry of Internal Affairs, the Stoprussiachannel was created by the Ukrainian Cyberpolice on Feb 26.)

would it be possible to add English subtitles to the "ЭКСКЛЮЗИВ! Дмитрий Щигель�?кий и Юлиана Шеметовец про движение Супраціў и Кибер-Партизан" video? (YT's auto-translation is only partially helpful)

youtube.com

Вітаем, белару�?ы!Это ЭКСКЛЮЗИВ. Запи�?ь пре�?�?-конференции движени�? «Супраціў» и «Кибер-Партизаны» на Радио 97.26 марта 2022 в Варшаве �?о�?то�?ла�?ь пре�?�?-конфере...

Interesting approach. For my taste though too limited in reach and easily debunked. Ops might want to deface multiple site with legit looking information at the same time. Usually it's always better to create the illusion of a group conspiracy.

Quote Tweet

Cyber, etc...

@cyber_etc

· Apr 2

Russia

: the #Sukhoi website was hit by a #cyberattack on April 2. A false statement was published on the site, in which the CEO of the UAC group, of which Sukhoi is a part, announced his resignation in protest against the war in #Ukraine. #Defacement #OpRussia Via Kommersant

Show this thread