Lawrence Abrams

4 months ago

New data theft campaign is targeting Okta SSO-connected platforms. Extortion demands signed by ShinyHunters. https://t.co/T2ieyZVKUT

4 months ago

Okta SSO accounts targeted in vishing-based data theft attacks - @LawrenceAbrams https://t.co/16uPzf7elf https://t.co/16uPzf7elf

0

27

6

9

10K

0

10

6

0

5K

6 months ago

My scoop: PornHub extorted by ShinyHunters for the theft of over 200 million activity data records for Premium members. The data is detailed linking member's emails to what videos they watched, downloaded, and searched for. https://t.co/EwiVHyCvO1

6 months ago

🚨PornHub is being extorted by the ShinyHunters extortion group over the theft of over 200 million Premum member activity data records. Both PornHub and ShinyHunters claim the data was stolen in the recent Mixpanel breach. https://t.co/M1mrL20jYd

61

1K

223

337

415K

19

1K

164

302

196K

Who to follow

Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!

DarkFeed

@ido_cohen2

DarkFeed: Cyber Threat Intelligence Platform, Putting things at order in the ransomware crazy world #OSINT | #Ransomware | #Cyberattacks | #Hacktivism

3xp0rt

@3xp0rtblog

Malware and cybercrime | Cyber Threat Intelligence Analyst at @PRODAFT https://t.co/FMGOkGnMR8

LawrenceAbrams retweeted

𝕯𝖒𝖎𝖙𝖗𝖞 𝕾𝖒𝖎𝖑𝖞𝖆𝖓𝖊𝖙𝖘

@ddd1ms

7 months ago

The rise and fall of LockBit Gang. It’s clear that FBI Newark and their partners have a solution even to the most prolific ransomware operation.

ddd1ms's tweet photo. The rise and fall of LockBit Gang.

It’s clear that FBI Newark and their partners have a solution even to the most prolific ransomware operation. https://t.co/M8UcTM7kuD

4

28

1

3

9K

7 months ago

The security incident at University of Pennsylvania appears to be a more extensive breach than originally stated. My scoop: https://t.co/STXDQujTxx

0

7

1

2K

LawrenceAbrams retweeted

8 months ago

The Clop ransomware gang confirmed to BleepingComputer they are behind the emails, claiming they exploited an Oracle bug to steal the data. “We not prepared to discuss details at this time. Soon all will become obvious that Oracle bugged up their core product and once again, the task is on clop to save the day. We do not damage to systems and only expect payment for services we provide to protect hundreds of biggest companies in world.”

5

151

53

48

48K

8 months ago

My scoop from earlier today. A sample shared with me had a full PDF customer engagement report.

8 months ago

Red Hat confirms security incident after hackers claim GitHub breach - @LawrenceAbrams https://t.co/kEx58sDjIg https://t.co/kEx58sDjIg

4

188

89

45

33K

1

6

0

1

2K

8 months ago

@DarkWebInformer Where did you get that email ?

0

1

0

282

10 months ago

@GhostyTongue @BleepinComputer No this is different from what I understand.

0

82

LawrenceAbrams retweeted

3xp0rt

@3xp0rtblog

11 months ago

The XSS forum community is actively discussing the situation. However, it appears that moderators are removing all content where the admin (LARVA-27) is being discussed. This was confirmed in a Telegram chat by moderator LARVA-466 (Rehub). The goal is to suppress any narrative that could turn the situation into a newsworthy event and to "troll" Westerners in the process. However, while the xss[.]is domain displays a seizure notice, the backup domain xss[.]as, the .onion site, and the Jabber service at thesecure[.]biz are still online and functioning.

3xp0rtblog's tweet photo. The XSS forum community is actively discussing the situation. However, it appears that moderators are removing all content where the admin (LARVA-27) is being discussed. This was confirmed in a Telegram chat by moderator LARVA-466 (Rehub). The goal is to suppress any narrative that could turn the situation into a newsworthy event and to "troll" Westerners in the process. However, while the xss[.]is domain displays a seizure notice, the backup domain xss[.]as, the .onion site, and the Jabber service at thesecure[.]biz are still online and functioning.

7

150

39

106

38K

LawrenceAbrams retweeted

11 months ago

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks - @LawrenceAbrams https://t.co/R4kPiB7HVb https://t.co/R4kPiB7HVb

5

205

68

30

19K

11 months ago

🚨 Don’t miss our upcoming BleepingComputer webinar with @specopssoftware and @SCMagazine! We'll discuss how stolen credentials and identity-based attacks have become a favorite way to break into networks. 🗓️July 9th at 2 PM ET ➡️Register here: https://t.co/AIuQIqoZLc

LawrenceAbrams's tweet photo. 🚨 Don’t miss our upcoming BleepingComputer webinar with @specopssoftware and @SCMagazine!

We'll discuss how stolen credentials and identity-based attacks have become a favorite way to break into networks.

🗓️July 9th at 2 PM ET

➡️Register here: https://t.co/AIuQIqoZLc https://t.co/9dSy5X6DQ5

1

8

0

1

1K

12 months ago

@grepnap @BleepinComputer @serghei 🤔

1

4

0

408

12 months ago

Original leak of stolen 2021 AT&T data had three files, a MASTER file containing encrypted SSNs and date of births, and two other files mapping the encrypted data to the plain text SSNs and DOBs. The new repackaged leak adds the unencrypted SSNs and DOBs to each customer record.

0

3

0

972

12 months ago

FYI, the repackaged AT&T data breach leak on XSS is from the 2021 breach, not the April 2024 Snowflake data theft attacks. Data matches the 2021 data leaked in March 2024. https://t.co/UuvgaxzyIb

1

7

2

1

2K

12 months ago

ShinyHunters is the threat cluster to track this year. They, or threat actors claiming to be, are behind a lot of the attacks we are seeing. https://t.co/80tJLcdWs8

0

19

7

6

5K