Cybersecurity news reporter at @TheRecord_Media. Past bylines: ZDNet, Bleeping Computer, Softpedia. I like pew pew maps! Keybase: campuscodi

EU
Joined May 2009
Catalin Cimpanu retweeted
Yikes, Microsoft have signed multiple rootkits (which allow kernel drivers) and reach out to a remote IP. I’ll put hashes in thread.
☢️Network filter rootkit that connects to this IP in China: hxxp://110.42.4.180:2081/u It does not look like Moriya (signature will be corrected asap) File is signed by Microsoft. #rootkit #netfilter virustotal.com/gui/file/63d6…
Catalin Cimpanu retweeted
#Emotet’s demise sent ripples through the email threats as well as other malware categories. Due to the takedown, #spam volume dropped by 22% in T1 2021 and malicious Office email attachments became notably less frequent. #ESETresearch 1/4
Catalin Cimpanu retweeted
Address your remark to “former British colony in North America” and maybe they will understand
Dear @CBCNews @CBCTheNational The Baltic States have been independent for 30 years. You can join the rest of the western world and drop the “former Soviet” tag.
Catalin Cimpanu retweeted
NEW: South Korean police is on a roll today!!! 🇰🇷 After the Clop operation, they also arrested 9 computer repair workers who installed ransomware on the computers they serviced therecord.media/south-korean…
Catalin Cimpanu retweeted
The Clop ransomware group were known as “big game” hunters, targeting critical financial and security sector networks. This is what disruption and delay look like. Happening this week (joint US/Ukraine/South Korea effort) may be a coincidence. Who knows? But neither do they.
NEW: Ukrainian authorities have arrested this week members of the Clop ransomware gang and have seized some of their server infrastructure therecord.media/ukrainian-po…
Catalin Cimpanu retweeted
It took me 10 minutes and about five reads to understand that the White House counts EDR as two separate things 🤦🏻‍♀️ (Taken from their memo on the threat of ransomware).
Do not discount this discovery just because it's 2G and not 5G. 2G is still used for controlling loads of IoT devices. You might be surprised by how many "smart cars" use 2G modems nowadays.
Researchers: encryption algorithm GEA-1, used in GPRS data in 2G networks, was deliberately backdoored by its designers; ETSI blames export regulations (@lorenzofb / VICE) vice.com/en/article/4avnan/b… techmeme.com/210617/p26#a210…
Catalin Cimpanu retweeted
Last week Volkswagen/Audi blamed a breach involving 3.3M customer records on a third-party that left the data exposed on the internet over a two-year period (tcrn.ch/3xdZQsL). Per @lorenzofb, now the data is for sale on a notorious hacking forum. vice.com/en/article/xgxaq4/h…
NEW: Hackers are selling data stolen from Audi/Volkswagen on a notorious hacking forum. Data includes names, emails, home addresses, and phone numbers. Hackers posted sample of data, we verified data is legitimate by contacting seven people in it. vice.com/en/article/xgxaq4/h…
Haven't seen this trick before... smart, tbh
Catalin Cimpanu retweeted
What's Microsoft doing right (and not so right) on the security front? My latest #MJFChat guest, security expert @ryanaraine, weighs in, and also talks firmware/IoT security, MS becoming a security vendor powerhouse and more. Podcast and transcript: petri.com/mjfchat-whats-new-…
Windows 10 - All Things About Application Guard techcommunity.microsoft.com/…
Akamai boo-boo. Doing their best Fastly impersonation
Wakes up. Checks Twitter. Sees some Internet issue. “Not my problem anymore.” Goes back to bed.
Catalin Cimpanu retweeted
Replying to @boztank
Cybersecurity experts have uncovered evidence that interconnects several multi-year and sprawling cyber-espionage campaigns to a Chinese military unit operating out of the city of Ürümqi in China’s western province of Xinjiang therecord.media/sprawling-cy…
Catalin Cimpanu retweeted
It is important to realize that the Pulse Secure Integrity Checker Tool (ICT) and the PCS factory reset functionality can both be subverted by an attacker on a compromised PCS device. If we can do this, assume that attackers can do this as well. 🤔
Catalin Cimpanu retweeted
Looks like @POTUS gave Putin a list of the 16 critical infrastructure sectors (as defined by presidential policy directive & @CISAgov). Essentially, saying these are off limits to cyber attack consistent with recently updated @UN cyber norms. cisa.gov/critical-infrastruc…
Catalin Cimpanu retweeted
when you ransomware a firm with real resources, sometimes this happens...
NEW: Ukrainian authorities have arrested this week members of the Clop ransomware gang and have seized some of their server infrastructure therecord.media/ukrainian-po…
Best Putin description ever
He's like a one-man Fox News up there.
Catalin Cimpanu retweeted
NEW: Ukrainian authorities have arrested this week members of the Clop ransomware gang and have seized some of their server infrastructure therecord.media/ukrainian-po…