Olivia
Online
Jan Kopriva
@jk0pr
Just one of the infosec crowd.
Between red team and blue team
Joined July 2019
336 Following
687 Followers
392 Posts
Pinned Tweet
@bugfireIO Thank you, @bugfireIO, and I will send you a link to a file with body of the e-mail in a DM...
The strange case of disappearing Russian servers https://t.co/sCpjfUb6nb
Dnes jsem byl pozván do vysílání odpoledního Studia ČT 24, kde jsem odpovídal na otázky spojené s aktuálními výpadky spojenými s chybnou aktualizací pro senzory CrowdStrike Falcon pro Windows...
https://t.co/rF7GFHceXB
Who to follow
Group-IB Threat Intelligence 
@GroupIB_TI
Official account of the @GroupIB Threat Intelligence Unit. Latest research, analytics, IOCs and threat alerts.
CAPE Sandbox
@CapeSandbox
Payloads or it didn't happen.
https://t.co/rAVsWT6dcl
Joe Security
@joe4security
Deep Malware and Phishing Analysis for Windows, Android, macOS and Linux.
Few weeks ago, I came across a somewhat unusual phishing message that used a slight twist on the "reply-chain" theme to make it through e-mail filters.
It is not new, but since I didn't find any write-ups of it anywhere, I wrote a short article, which you may find bellow...
"Reply-chain phishing" with a twist https://t.co/qqMIMach2Z
Support of SSL 2.0 on web servers in 2024 https://t.co/VnkoagQ2qh
It appears that the number of ICS accessible from the internet has risen by 30 thousand over 3 years https://t.co/ijfLelgCtW
It occurred to me that the current situation surrounding the xz-utils backdoor might present a good opportunity for a quick analysis to see if national or governmental CSIRTs/their host organizations/similar entities publish security advisories during holidays...
The xz-utils backdoor in security advisories by national CSIRTs https://t.co/8NrlIGKz5T
An open redirect vulnerability exists in what remains of the Google Web Light service, and it is being actively exploited by threat actors in multiple phishing campaigns...
#phishing #Google #vulnerable
https://t.co/JzdNQusSPN
Threat actors generally like to use legitimate third-party online services to host malicious content, since it makes their job significantly easier. And - unfortunately - even the Internet Archive is no exception in this regard...
Phishing pages hosted on https://t.co/PlDWCzNEma https://t.co/QAOnaw8Foz
Computer viruses are celebrating their 40th birthday (well, 54th, really) https://t.co/UZJT6IYu7e
The smallest and largest #malware samples that were "caught" by my e-mail trap in 2023 were a small (<2 kB) VBScript file and a very large (350 MB) EXE... And what might come as a surprise is, that these two samples were pretty much functionally identical. https://t.co/VFPmMKx1mX
Phishing page with trivial anti-analysis features https://t.co/AH6FExcqVC
I was recently asked whether typos were still a useful indicator for identifying phishing messages. To answer this question, I wrote a short post, which was just published on the Internet Storm Center website...
Are typos still relevant as an indicator of phishing? https://t.co/dVuWYEIbWX
Co se stalo v září?🤔
Novinkami a událostmi z kyberprostoru vás tradičně provedou @StanleyNovo a @jk0pr. Tentokrát se věnovali novinkám, jako:
👉Ransomware Útok na MGM a Caesars
👉Severokorejští Hackeři a Kyberloupež
👉Čína vs USA
👉Microsoftu Unikly Desítky TB Dat
👉Kybernetické Útoky Jako Mezinárodní Zločiny
👉Británie Odkládá Plány na Scanování Zpráv s E2E Šifrováním
👉OpenSSL 1.1.1 End of Life
👉Doporučení pro Manažery a Architekty KB
#ITbezpecnost #CyberSecurity #Novinky #SecurityCast
Last week, I came across an interesting phishing, in which a text with zero font size was used in quite a novel way in order to make the message appear more trustworthy. You may find details in the article linked below...
A new spin on the ZeroFont phishing technique https://t.co/cZAoUC0L77
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a simple phishing which demonstrates quite well that the cost of committing cybercrime can unfortunately be extremely low…
The low, low cost of (committing) cybercrime https://t.co/9ICh4qj4Wy
One doesn't often find malware with 0 detections on VirusTotal, especially if it isn't completely new... Nevertheless, it seems I was “lucky” - a malicious batch file, which was used in a last week's phishing campaign I came across is still at zero…
https://t.co/dUDYI2DTj1
@nmeirmanov Since they don't seem to have their own CSIRT and no security-related contats were published on their site, i reached out to the generic "contact us" telecom@ e-mail ddress (I tried security@ as well, but that message bounced)...
It can be quite surprising to find out what devices accessible from the internet still support SSLv2. It seems that in Kazakhstan, where such devices are most common, over 166 thousand SSLv2-enabled devices are last-mile network boxes used by the largest national ISP...
Kazakhstan - world’s last SSLv2 superpower https://t.co/Vob4CY84aw
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers