‼️ New activity by the UNC1151/Ghostwriter group
In recent months, the CERT Polska team has observed a change in how the UNC1151 group operates. Known for disinformation operations and phishing against Polish e-mail providers (Onet, Wirtualna Polska, Interia), for the past several months it has also been preparing its campaigns to target Gmail users.
🔗 A detailed description of the threat, with examples, is in the article on our website: https://t.co/8UawqXj0Gy
The group targets people involved in political life, socially active people, people holding prominent positions, academics, journalists, public administration employees and members of the uniformed services, as well as other people connected to them through family or social relationships.
Compromised e-mail accounts are searched for contact lists, sensitive documents and linked accounts.
🚩 APT (Advanced Persistent Threat) groups such as UNC1151 are entities whose cybercriminal activity may be linked to the actions of foreign states. At CERT Polska we continuously monitor their activity in Polish cyberspace and share our conclusions in our reports.
Live Flax Typhoon Raptor Train botnet sinkholing data now available through @shadowserver free daily Sinkhole Event and Sinkhole HTTP Event network reports:
https://t.co/6xiL05ipph
https://t.co/4O7u3bw6lF
events tagged as "raptor-train"
Remediate current infections!
Looking forward to giving my first @teamcymru research webinar tomorrow!
I shall be discussing a hot topic for many: DPRK IT Workers 👨🏻‍💻
Tune into this tomorrow if you’re interested in how you can use NetFlow data to detect the 🇰🇵 activities 🔍
Reg here:
https://t.co/xkiwZKxl9B
🎉 RooCon25 is coming! 🎉
Join us on 5-6 November for our 3rd edition! As one of Australia's key cyber threat intelligence conferences, we're building on past success to make this our best event yet.
Our Call for Papers opens in just one week! [1/3]
Someone has done an excellent job collecting RATs and documenting them by version. They also included images.
A+ work. This is amazing (we're going to ingest this eventually)
https://t.co/I1QvpNU0k9
Last year, we discovered custom backdoors on Juniper Networks’ Junos OS routers and attributed this to China-nexus espionage group #UNC3886.
We recommend organizations to upgrade their Juniper devices and run the JMRT Quick Scan and Integrity Check. https://t.co/dzlA6kY3Tg
EXCLUSIVE: Defense Secretary Pete Hegseth last week ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions.
https://t.co/fsFQzOt17y
JPCERT/CC's Tomoya Kamei writes about an attack carried out by the APT-C-60 group around August 2024. The attack involved sending emails posing as job applicants to organizations' recruitment departments, infecting them with malware. https://t.co/xcWhxv1QBT
Yesterday Banshee Stealer, the MacOS-based Malware-as-a-Service infostealer, had their source code leaked online.
As a result of the leak they've shut down their operations. We've archived the leak and made it available for download on GitHub.
https://t.co/5RHeEYWYth
“Malware distribution groups are tricky to look at as a collective, so let’s narrow it down to some of my *least* favorites…”
See ya next week, @mWISEConference 🫶🏼
#mWISE2024
We uncovered striking connections between #Olympics-related domains used for #phishing and #scams for the #Tokyo and #Paris2024 Olympics. The shared infrastructure/similarities in domain names indicate a single actor may be behind this abuse. Details at https://t.co/37dld8uigt
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.
Want to be placed under surveillance by the ABW? Join us at Oh My H@ck 2024! You won't regret it ;)
https://t.co/if6j0NM7n7
From the lawsuit against members of Dragon Sector: NEWAG asked the ABW to remove the articles and to "place all participants of the Oh my Hack conference under special surveillance"
🚨 ALERT: @Mandiant's #AdvancedPractices team has recently received a video message from a State nexus actor. Sharing this for general visibility. Be safe out there.
cc:@ryankaz42 🚨
https://t.co/0B18D6hxiL
@Mandiant is releasing details on a data theft and extortion campaign undertaken by UNC5537, targeting Snowflake customer instances. Since April, UNC5537 has leveraged stolen credentials to target over 100 organizations. https://t.co/mJbrKP8n9x
@CONFidenceConf was a really impressive conference and it was an honour to present there this week. Overwhelmed by all the positive feedback! Thanks to all the organisers and attendees, I met so many great fellow experts this week. I hope to be back again one day in Kraków. 🇵🇱👨‍💻