Mastodawn

🚀 New Talk Dropped for BSides Luxembourg 2026!

In The Wild Cloud Exfiltration Paths You Might Not Expect – Tomas Kabrt

Cloud environments are no longer just infrastructure expansions — they are full-blown attack surfaces. This talk explores how real-world attackers move data out of cloud environments by abusing SaaS integrations, PaaS workflows, and IaaS-level infrastructure behaviors that often go unnoticed in traditional security monitoring.

Based on hundreds of real incident response cases, this session highlights practical exfiltration paths such as SaaS app abuse (Microsoft 365, DocuSign sync flows), ETL-based PaaS exploitation, and cross-cloud IaaS data movement. The focus is on what defenders miss and how to build meaningful detection and telemetry around it.

Tomas Kabrt is a Cloud Threat Intelligence Researcher at CrowdStrike, focusing on cloud intrusions and real-world attacker behavior observed through incident response and threat hunting engagements.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/

📅 Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/

📱 Want an easy way to follow the schedule?
Use Hacker Tracker: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #CloudSecurity #ThreatIntel #Exfiltration #IncidentResponse #CyberSecurity

Analyst207 5d ago

Chinese Supercomputer Breach Exposes Massive 10-Petabyte Data Heist

A massive 10-petabyte data heist has been reported from a state-run Chinese supercomputer, raising urgent questions about the breach and its potential consequences. The staggering scale of the alleged theft has sparked widespread concern, but details about the incident remain scarce.

https://osintsights.com/chinese-supercomputer-breach-exposes-massive-10-petabyte-data-heist?utm_source=mastodon&utm_medium=social

#ChineseSupercomputer #DataBreach #EmergingThreats #Exfiltration #MassiveDataHeist

Chinese Supercomputer Breach Exposes Massive 10-Petabyte Data Heist

Chinese supercomputer breach exposes 10 petabytes of stolen data, read the shocking details now and learn more about the massive data heist.

OSINTSights

C.Mar 12

OTTAWA - The Privacy Commissioner of Canada today held a press conference regarding the digital attack on Telus Canada's networks and information systems. Telus recently announced that attackers had claimed to have exfiltrated nearly 1 petabyte of company data, including customer data, equivalent to approximately 250,000 DVD movies.

The Commissioner announced a full investigation will take place. He also indicated that Canadian consumers should not be excessively worried about the breach of their personally identifiable information (PII), as the attackers will still be obligated to follow the requirements of the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's data privacy law since passage in 2000.

#Canada #privacy #Telus #hack #hackers #intrusion #exfiltration #PIPEDA #PrivacyCommissioner #security #PII

tx_princess Mar 7

If the Kardashians launched their own framework it would be Kommand and Kontrol (K2).

The Momager (Kris.exe or Kris.sh): The primary C2 listener.
The Glow Up: Privesc
Keeping Up: Lateral movement

#C2Framework #RedTeaming #PostExploitation #MalwareDevelopment #Infosec #CyberSecurity #EDRBypass #ActiveDirectory #PenTesting #ThreatHunting #MITREATTACK #APTHunting #Shellcode #ZeroDay #Persistence #Exfiltration #BlueTeam #PurpleTeaming #kardashians

aboveFRL Jan 22

#PlaneAlert ICAO: #AE6C12 Tail: #205937
Owner: #USAF
Aircraft: #Lockheed MC-130J Hercules
2026-01-22 10:18:39 CET
#C30J #CommandoII #SpecialOps #Exfiltration https://w.wiki/8pAV
https://globe.adsbexchange.com/?icao=AE6C12&zoom=7&lat=50.949143&lon=3.590240&timestamp=1769073519&showTrace=2026-01-22

#adsb #planefence #planealert by kx1t - https://sdr-e.com/docker-planefence

Hacker News Jan 14

Claude Cowork Exfiltrates Files

https://www.promptarmor.com/resources/claude-cowork-exfiltrates-files

#HackerNews #ClaudeCowork #Exfiltration #Files #Cybersecurity #DataPrivacy #HackerNews

Claude Cowork Exfiltrates Files

Claude Cowork is vulnerable to file exfiltration attacks via indirect prompt injection as a result of known-but-unresolved isolation flaws in Claude's code execution environment.

aboveFRL Dec 19

#PlaneAlert ICAO: #AE6D7A Tail: #205941
Owner: #USAF
Aircraft: #Lockheed MC-130J Hercules
2025-12-19 11:16:31 CET
#C30J #CommandoII #SpecialOps #Exfiltration https://w.wiki/8pAV
https://globe.adsbexchange.com/?icao=AE6D7A&zoom=7&lat=50.425524&lon=5.756316&timestamp=1766139391&showTrace=2025-12-19