Stephen Hilt  

@[email protected]
262 Followers
117 Following
144 Posts
Threat Researcher @TrendMicro, waffle maker, and dad. My tweets and opinions are my own and do not reflect my company. Co-Author Hacking Exposed ICS and SCADA.
Homepagehttps://stephenhilt.com
Pronounshe/him
Stephen Hilt  Mar 6
Again fuck this place https://youtu.be/eF_xzJ6-Ow4?si=XbFXjZvlmkI-Vtqv
Hero Of War

YouTube
Stephen Hilt  Mar 4

The global disruption of Tycoon 2FA, a phishing-as-a-service platform built to bypass MFA using adversary-in-the-middle techniques.

Proud to have worked with partners across industry and law enforcement to help dismantle this operation.

Details: https://www.trendmicro.com/en_us/research/26/c/tycoon2fa-takedown.html

Europol, Microsoft, TrendAI™, and Collaborators Halt Tycoon 2FA Operations

Tycoon 2FA was dismantled this week by law enforcement and industry partners including TrendAI™. The phishing-as-a-service platform offered MFA bypass services using adversary-in-the-middle (AitM) proxying.

Trend Micro
Stephen Hilt  Feb 17
Attackers are abusing Atlassian Jira Cloud to launch spam campaigns and bypass email defenses by leveraging trusted SaaS notifications. Worth a read: https://www.trendmicro.com/en_us/research/26/b/spam-campaign-abuses-atlassian-jira.html
Spam Campaign Abuses Atlassian Jira, Targets Government and Corporate Entities

We uncover how a campaign used Atlassian Jira Cloud to launch automated and targeted spam campaigns, exploiting trusted SaaS workflows to bypass security controls.

Trend Micro
Stephen Hilt  Dec 11
New research details SHADOW-VOID-042, a targeted spear phishing campaign abusing Trend Micro themed lures against multiple industries. Early detection prevented payload execution. Full analysis here: https://www.trendmicro.com/en_us/research/25/l/SHADOW-VOID-042.html
SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics

Trend Micro
Stephen Hilt  Dec 9
Is the era of “Cybercrime-as-a-Service” is ending? In our new report we show how agentic AI could transform cybercriminals from service-buyers into autonomous operators, enabling scalable, adaptive, and near-self driving attacks.
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-next-phase-of-cybercrime-agentic-ai-and-the-shift-to-autonomous-criminal-operations #Cybersecurity #AIThreats
The Next Phase of Cybercrime: Agentic AI and the Shift to Autonomous Criminal Operations | Trend Micro (US)

We dive into the transformation from “Cybercrime-as-a-Service“ to “Cybercrime-as-a-Sidekick“, which fundamentally alters the operational dynamics of criminal enterprises.

Stephen Hilt  Oct 22
https://spotify.link/TOXKwfTYEXb
Stephen Hilt  Oct 1
I hate when my candy comes with instructions
Stephen Hilt  Sep 4, 2025
https://open.spotify.com/track/0ypg59NyOVCpWVzd0SUsT5?si=huZ-xgj9TiGK7xP7YnI5aw&pi=JFv0FZx2R9y7M
Every Day Is Exactly The Same

Nine Inch Nails · With Teeth · Song · 2005

Spotify
Stephen Hilt  Aug 26, 2025
As part of a Trend Micro exercise, I helped show how quickly scammers can piece together your life: tagged photos, Strava runs, the street outside your home—in minutes. If we can do it, real criminals can too. Full story: metro.co.uk/2025/08/23/scammers-found-home-address-minutes-terrifyingly-easy-23966712/ #InfoSec
Stephen Hilt  Aug 9, 2025
It’s only the end of the world again… https://open.spotify.com/track/1sYpfdQKtB8UjeNE7nu0id?si=2lEWmS62Q760Lcchb8JNwA&context=spotify%3Aplaylist%3A37i9dQZF1EYkqdzj48dyYq
Endsmouth

Agents Of Oblivion · Agents of Oblivion · Song · 2000

Spotify