CYBER INTELLIGENCE ALERT: POSSIBLE NEW INCIDENTS DETECTED — MEXICO 🇲🇽
[STATUS: UNCONFIRMED / NEW INCIDENTS]
Malicious activity has been detected against two public and private entities in Mexico, identified as cases #6867 and #6866, attributed to the same threat actor.
Affected Entities:
IMSS Bienestar (Mexico City) 🏥
Private Security of the State of Baja California 🛡️
Threat Actor: CHRONUSTEAM 👤
Date of Registration: June 2, 2026 📅
Mitigation Recommendations 🛡️
Technical Audit: The affected entities (IMSS Bienestar and the Baja California Private Security Agency) are urged to initiate incident response protocols to verify the extent of the intrusion.
Infrastructure Monitoring: Strengthen surveillance of endpoints and databases following confirmed activity by the CHRONUSTEAM actor.
Strategic Monitoring Tools 🌐
Intelligence Platform: https://t.co/wk9bZJ3laQ 💻
Security Verification: https://t.co/5LuqwzZ2HE 🛡️
#CyberSecurity #Mexico #IMSSBienestar #BajaCalifornia #CHRONUSTEAM #DataBreach #ThreatIntelligence #CyberAlert #VECERT #UnderInvestigation
🚨 CYBER ALERT: Chronus Team Activity
The "Chronus Team" has announced the formation of a new subdivision, the "Chronus Revolution Team," in collaboration with a new member identified as "H1." This group is actively recruiting and explicitly targeting banking fraud and carding operations throughout Mexico, with plans to expand across Latin America.
Additionally, intelligence indicates new malicious activity attributed to this actor, targeting public and private entities in Mexico. Stay vigilant—the "devil is on the loose." 😈
#CyberSecurity #LatAmUnderAttack @Thelizard001 #FraudPrevention #ChronusTeam #DataBreach
🚨 CYBERCRIME ALERT: Chronus Team Activity
The "Chronus Team" has announced the launch of a new subdivision called the "Chronus Revolution Team", together with its new member "H1". The group is actively recruiting and is dedicated specifically to banking fraud and card cloning (carding) in Mexico, with plans to expand across all of Latin America.
In addition, malicious activity attributed to this same actor has been detected, which has affected public and private entities in Mexico. As they themselves have warned, "the devil is on the loose". Stay alert.
#CyberSecurity #FraudeBancario @Thelizard001 #LatAmUnderAttack #ChronusTeam #Ciberseguridad
What an interesting video document Alberto D. Hill, an expert on these topics, presents to us.
As always, with great analytical ability, he recounts what is happening in his country, which is a mirror of what we experience anywhere in Latin America.
You have to listen. 🫵🏼
Other update #2: To be fair I would not have known about this Tenant (or the other two) without @userlolxxl to begin with.
cc: @cyb3rops
1) I believe there are more of these Tenants out there - have not gotten to them (I’ve never touched ‘cloud stuff’ before in my life)
2) Even this @virustotal graph - I may have thrown some data (i.e. ‘the kitchen sink’) into VT, but it was - and to be clear - the expertise of @userlolxxl who put in the work to make it look nice & pretty.
3) @Cyb3rops you put out a statement earlier re: ‘Bug Bounty & Responsible Disclosure’. Once is an instance, thrice is a hobby?
-Unclear if that applies here, it just sounds nice
-I tried reporting these, I sounded like a dipstick calling/writing to Microsoft that ‘hey guys…sooo…there is this one tenant thing that isn’t mine but is open with my ID/Creds/etc.’ No dice.
-@userlolxxl took it to the next level and put the data in an easily readable form & submitted it to MSRC (it’s been a minute now) as a ‘bug bounty report’ for these 3 Tenants. Have not heard back from MSRC about them.
-If not mistaken, I believe @userlolxxl also put in a bug bounty report for the subdomain (takeover/makeover?) for -> myCCID[.]ualberta[.]ca
-The email address that had the BEC/ATO (reported 100x over, fell upon deaf ears). My old email address is also a ‘subdomain’ now - I have no idea how that happens (not the only instance of this) -> I was told by @easyDNS and @CIRA the only way this would have been possible is if I was a ‘Global admin’ at some point or another (I provided screenshots of that and both #Evidence & #Data to @userlolxxl regarding this, showing that I was at one point or another). (Uni told me “No Problems” when providing them a vulnerability report = IRL a significant amount of problems across sectors & countries.)
So to be clear…just wanted to clarify…I might have the #Data and #Evidence, but it is @userlolxxl who found the other 2 ‘Rogue’ Tenants that are under my name (still up and running…). I’ve tried reporting - I sounded like a dipstick.
@userlolxxl put in the ‘hard earned work’ - they have yet to receive any acknowledgement about the 3 malicious ‘Tenants’ nor the Subdomain thing.
It’s only #Canada’s 3rd largest University [ #Education, and our Provincial #Healthcare & #Government systems ], no big deal right?
No response from @albertaNDP @NathanIpYEG (who I have reported to directly and provided a ‘live presentation’ to, wherein during the ‘live presentation’ @albertaNDP was found to be ‘bleeding out’ their #Data direct to a RU IP address - still active).
cc: @ADanielHill this is the kind of ‘ridiculousness’ I was referring to. I could literally slap a report on ‘whoever’s’ desk here, but a lack of understanding (similar to your points on a ‘protocol of silence’ - I liken this much to be similar to a lesser and mas estupido version of that).
@g0njxa (Looking for “Defo not an Expert”) - I have 3 Tenants (not mine, not my jam, your guess is as good as mine).
Oh wait…#DataBreach at #Canada’s 3rd Largest University, ATO/BEC -> Multi-Account Takeover b/c non-technical Karens -> “No Problems” [ #Education ] + Time for Lateral Movement & Privilege Escalation over to @youralberta @albertandp @albertaUCP @Treaty8FNA @CT6FN_ RCMP/EPS/CrimeStoppers #Government + @AHS_media #Healthcare = this is only 3 Tenants of ??
- - -
Translation: You are actively being (literally not figuratively) robbed as we speak #Alberta
- - -
@cyb3rops to follow up, reporting things like this = MSRC @microsoft folks weren’t friendly or helpful when I tried to report these (when I had less of an idea of what was going on).
- - -
cc: @userlolxxl I believe is finding much of the same:
“I did report: EntraID PowerAppsPortal - blank page template: d2e21312-0f63-4c25-8e95-fbd008baed07
Report
Web site: https://t.co/t2Nk1xa5pZ contains in its source code publicly available tenant 718b8a9b-44d8-441a-a344-4294ea842172. This tenant was misused/abused by criminals. The complex study is published: https://t.co/AoNrdNoJdh. We identified the url of PowerApps circa a year ago using FOFA: https://t.co/5jzmDrcUrV further, published on X (latest): https://t.co/m0BgOp1VlG
Pulses are published on LevelBlue/OTX; the most important: https://t.co/nd29Uha2KT (https://t.co/OoSgb51cHg), 2096 group especially focusing on solving the stolen identity of the person associated with this tenant 718b8a9b-44d8-441a-a344-4294ea842172. Could you please remove the tenant from the publicly available website? … I wonder if anyone will hear back at all.”
https://t.co/A3cF3juzZx = 1x Tenant of the 3 highlighted below.
- - -
Certificates cc: @magicswordio are being pulled (apparently they’re on everything). It’s wild. @skocherhan just matching them up for takedown yayyy (there are literally thousands - that…is not normal). Taking their sweet time finally to ‘go away’ hopefully.
- - -
***Pseudo-related Q: Anyone want to buy a sub-domain at one of #Canada’s largest Universities? (or more?) The said subdomain is quite literally my name & email (just one) siphoning off #Data #Money #Evidence whathaveyou for a ‘hot minute’. But the registrars say it’s legit and mine - so…there is that. cc: @ADanielHill