Tweets

  1. Pinned Tweet
    Jan 25

    New blog post from TAG with details of a North Korean campaign targeting security researchers working on vulnerability research and development. Stay safe out there everyone!

  2. Quips aside, this is all a very complex topic and worth debate. I actually do think we need a more secure world and need to invest heavily in that as a matter of critical urgency. Spies are going to spy though. Good intelligence saves lives.

  3. So do the current critics of government cyber offensive technology think that Bletchley Park should have just spent the 1940s just making crypto more secure for everyone?

  4. Feb 5

    I also see this mistake regularly in cyber threat analysis. I've learned to be EXTREMELY skeptical of any opinion or analysis that starts with "Well, if *I* was government hacker...."

  5. Feb 5

    (sorry no remote, no DC)

  6. Feb 5

    Looking to hire a great threat analyst to join us in Sunnyvale (or Boulder) to analyze and counter government backed threat actors in Google TAG.

  7. Feb 4

    ALL caps should be removed. Australian citizens have a right to return to Australia. Quarantine is a hard but solvable problem especially this many months in. Stop the excuses.

  8. Retweeted
    Feb 4

    Today we're publishing root cause analyses for the seven 0-day exploits we discovered in-the-wild in Oct 2020. Chrome, Windows, Safari, & iOS. Great work to Sergei and Mark!

  9. Feb 4

    I strongly believe that almost everyone needs to read more, write more, do more and meet less.

  10. Feb 4

    "endemic problems caused by those 11 layers of management, a culture of perpetual, permanent meetings, a stubborn insistence on creating every possible product no matter what" in *2006* hmmm

  11. Feb 3
  12. Feb 1

    Yep. My team has a counter disinformation mission but countering misinfo, i.e. someone being wrong on the Internet, is not (yet) a threat intel function.

  13. Jan 30

    I only give one piece of advice to soon-to-be dads: You only get one day to make all the “you weren’t born yesterday” Dad jokes. Make the most of that opportunity before it passes.

  14. Retweeted
    Jan 28

    Normally security researchers are the ones doing the hunting. This actor was hunting security researchers.

  15. Retweeted
    Jan 27

    We created a collaborative Graph in VirusTotal with all IOCs (to date) of this campaign, hopefully this will be useful for the security community to work together in this investigation.

  16. Retweeted
    Jan 25

    A look at some of the malware mentioned in this Google TAG research. - Two-stage (payload in ProgramData) - AV Check (Kasp, Avast) - Basic Persistence - Multiple C2s per payload More to be done re:C2 comm (unless someone does it first)

  17. Retweeted
    Jan 25
  18. Retweeted
    Jan 25

    Loving all these posts from infosec people who have been digging through past communications to find chats with actors now revealed to have been North Korean hackers trying to ensnare security folk

  19. Retweeted
    Jan 25

    WARNING! I can confirm this is true and I got hit by who sent me a Windows kernel PoC trigger. The vulnerability was real and complex to trigger. Fortunately I only ran it in VM.. in the end the VMDK I was using was actually corrupted and non-bootable, so it self-imploded

  20. Jan 25

    These actors have used multiple platforms to communicate with potential targets, including Twitter, LinkedIn, Telegram, Discord, Keybase and email. We are providing a list of known accounts and IOCs in the blog post.

  21. Jan 25

    In addition to targeting users via social engineering, we have also observed several cases where researchers have been compromised after visiting the actors’ blog. The victim systems were running fully patched and up-to-date Windows 10 and Chrome
