Jeremy Kirk

Work: Okta Threat Intelligence. Personal account. Interests: Cybercrime, cyber threat intelligence, OSINT, data breaches, photography. Formerly intel analysis @ Intel 471. #Australia
Bluesky: @jkirk.bsky.social
LinkedIn: https://www.linkedin.com/in/jeremykirk/
Podcast: https://podcasters.spotify.com/pod/show/cybercrimeexposed
AI scraping of original posts: I do not consent to my content being used for any LLM or AI training.

The latest episode of Intel 471's Cybercrime Exposed podcast is the "The Hacker Who Slipped Away," a wild story of a Russian man still on the U.S. Secret Service's Most Wanted list who has been involved in hacking from the days of exploit kits through today. It's a tale explained by Intel 471 Senior Intelligence Analyst Ashley Jess that illustrates how hackers can sometimes elude their law enforcement pursuers due to the complexities in investigating international cybercrime. Stay on until the end where Simon Williams, head of Intel 471's public sector liaison team, talks specifically about this extraordinary case based on his experience. Below is an audio preview along with a link to our website with the full episode, which is also on Apple and Spotify.

https://www.intel471.com/resources/podcasts/cybercrime-exposed-the-hacker-who-slipped-away

Anthropic's AI cyberespionage report feels as odd as the last one. Just 13 pages, it has none of the traditional components of a usual threat intel report (IoCs, payload hashes, TTPs etc.) and it seems to bury the lead re: technical sophistication. Tucked in on page 11 are a number of caveats: the attackers are using open-source penetration tools plus standard password crackers, network scanners, exploit frameworks and other utilities. The threat group also wasn't doing custom malware or "advanced" exploit development with Claude. Don't get me wrong: I do buy Anthropic's contention that automation + AI is going to allow attackers to reach a greater scale and that will pose more difficulties in defence. But it would be insightful to hear from one of the 30+ entities that were attacked, as I feel a big chunk of the story here is missing. #infosec
Famed Russian spy hunter Christo Grozev made an extraordinary claim on this podcast four months ago: North Korea hacked the Democratic National Committee in 2016 and passed the info to Russia, which in exchange divulged access to Bangladesh Bank. No evidence was offered but Grozev says the situation “will come up later.” 🤔 Transcript in the image. Passage starts at 13m 31s:
https://www.youtube.com/watch?v=dimhhRVbNec #infosec
Accused ALPHV/BlackCat ransomware affiliate Ryan Goldberg made US$214,000 a year working in incident response at Sygnia but told the FBI he was in debt as the reason for getting involved in ransomware, according to court documents. He initially denied involvement in the attacks, an FBI affidavit says. #infosec
Been working on a Cybercrime Exposed episode for a while now, and it's out. It draws on years of deep Adversary and Malware Intelligence and HUMINT from our analysts at Intel 471. In a nutshell: DukeEugene is a Russian hacker, heavily tattooed with a large swastika on his chest. He specializes in developing malicious software for Android phones. The malware is aimed at stealing credentials and data in order to drain its victims’ bank accounts. Despite developing malware, DukeEugene isn’t a very great coder, but he’s well-known and has many connections in the cybercriminal underground – developers, crypters, hosting providers. His business is successful, but he has a big problem. He finds a possible way to solve it but he has to put everything he’s worked for on the line. Audio preview below and link to the pod on our website.
https://www.intel471.com/resources/podcasts/cybercrime-exposed-podcast-the-duke-is-dead
R.I.P. Ozzy.
Aldi is selling 50-gram packets of "hand picked" dried mixed forest mushrooms this week if anyone is interested, mmmmm? #Australia
I seem to have escaped the worst from the Qantas breach -- no phone number, email or physical address was leaked, just name, frequent flyer number and tier. #infosec #australia
This is the first time I've seen privacy used as a marketing argument for eyeglasses. Is Zenni's claim accurate? Does deflecting infrared light foil facial recognition/AI-based tracking? #infosec