JHunt


Just dropped our research on DPRK's campaigns: Contagious Interview & WageMole.

Key takeaways:
1️⃣ Threat actors are rapidly evolving tools in Contagious Interview.
2️⃣ Successful infection across platforms in record time.
3️⃣ WageMole shows in-depth interview prep & precise target selection.
4️⃣ They're enhancing interview prep with data stolen from Contagious Interview & Generative AI tech.

https://www.zscaler.com/blogs/security-research/pyongyang-your-payroll-rise-north-korean-remote-workers-west

From Pyongyang to Your Payroll: The Rise of North Korean Remote Workers in the West

Explore how North Korean threat actors use the Contagious Interview and WageMole campaigns to steal data, secure remote jobs, and evade sanctions.

We need all of the dashcams we can get in Minnesota ASAFP for ICE observers.

You can send us cash with a few taps via this link and we’ll order them wholesale and get them deployed to Minneapolis, the suburbs, and beyond: https://ottergoose.net/dashcam/

Dash cams for Minnesota

A crowd-sourcing effort to collect and distribute dash cams in Minnesota to help ICE observers stay safe.

Dear Journalists,

If a government official gives a statement that is easily disproven by multiple angles of high quality video, it is ok, encouraged even, to call them out on it in real time. That's called doing a journalism.

Secondly, although you all work for different media outlets, there is no reason why you can't sort of 'team up' and keep pressing the issue rather than letting them wriggle out by completely changing the line of questioning. This is also known as doing a Journalism.

Thanks!

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion.

https://www.bleepingcomputer.com/news/security/shinyhunters-claim-to-be-behind-sso-account-data-theft-attacks/

ShinyHunters claim to be behind SSO-account data theft attacks


Do not store your Bitlocker encryption keys on Microsoft's servers if your threat model includes governments or law enforcement. As this article points out, this is the result of a design choice Microsoft made. It didn't have to be this way.

https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/

Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw

The tech giant said providing encryption keys was a standard response to a court order. But companies like Apple and Meta set up their systems so such a privacy violation isn’t possible.

Forbes

#BREAKING #ESETresearch identified the wiper #DynoWiper used in an attempted disruptive cyberattack against the Polish energy sector on Dec 29, 2025. At this point, no successful disruption is known, but the malware’s design clearly indicates destructive intent.

#ESETresearch attributes the attack to the Russia‑aligned #Sandworm APT group with medium confidence, based on strong overlaps in behavior and TTPs with multiple earlier Sandworm-linked wiper operations investigated by our team.

The attack struck during peak winter and the 10‑year anniversary of Sandworm’s 2015 attack on Ukraine’s power grid - the first malware-driven blackout, leaving ~230,000 people without electricity.

#ESET detects DynoWiper as Win32/KillFiles.NMO. Customers of our private ESET Threat Intelligence APT reports have already received additional technical details and IOCs to support rapid detection and response. IoC: 4EC3C90846AF6B79EE1A5188EEFA3FD21F6D4CF6

We continue to investigate the incident and broader implications. As new evidence or links to additional Sandworm activity emerge, we will share further updates to help defenders protect critical sectors.

federal investigation into fed chief jerome powell.

political loyalty to president trump the decisive factor for the us attorney’s office, not rule of law.

let’s see if the business community has anything public to say condemning this. since republicans in congress will not.

Kind of crazy that you see a headline about government troops targeting civilian protesters, and need to read the first paragraph to learn if it is Iran or the United States.

New, by me: The Kimwolf Botnet is Stalking Your Local Network

Today's story is a long overdue series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal network behind your Internet router probably is now dangerously out of date.

https://krebsonsecurity.com/2026/01/the-kimwolf-botnet-is-stalking-your-local-network/