Andrew 🌻 Brandt πŸ‡

@threatresearch@infosec.exchange
3.2K Followers
768 Following
5.2K Posts

Words published here do not necessarily reflect views of my employer or any other organization I am affiliated with.

Research and analysis about malware, network forensics, and the intersection of crime with anything that electrons or photons flow through.

Board member of World Cyber Health, the parent organization behind Malware Village and the NO-HAVOC project.

Docent of obsolete technology at @mediaarchaeologylab

Executive director, Elect More Hackers: electmorehackers.com

"By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges." -- Cory Doctorow

Backup tooter@threatresearch.bsky.social
Threat levelmostly harmless
Andrew 🌻 Brandt πŸ‡10h ago
Hey so, I just found out that there is a livestream from #BSidesBoulder so if you want to see my talk, it's at 3pm MDT or in 1 hour 40 minutes from now on "main track" here: https://www.youtube.com/channel/UCRUmseZMk79gcQdNga3DEHQ
Before you continue to YouTube

Andrew 🌻 Brandt πŸ‡2d ago
Andrew 🌻 Brandt πŸ‡2d ago
What a wonderful thing to find out while on vacation that my phone is blowing up because a news article about #ConnectWise published yesterday (https://www.bleepingcomputer.com/news/security/connectwise-rotating-code-signing-certificates-over-security-concerns/) referenced something I posted here in April (https://infosec.exchange/@threatresearch/114315246724920453). (Thanks, Bill ❀️ & @BleepingComputer)
ConnectWise rotating code signing certificates over security concerns

ConnectWise is warning customers that it is rotating the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise RMM executables over security concerns.

BleepingComputer
Andrew 🌻 Brandt πŸ‡2d ago
Lori Emerson2d ago
my idea of a good time: praxinoscope in tha' house! #mediaBeforeMedia @mediaarchaeologylab
Andrew 🌻 Brandt πŸ‡2d ago
Lee from Colorado2d ago

Almost like they wanted this to happen ...

-------

Within minutes of that attempted gun purchase at a store in CO Springs, an automatic email notification was sent from the Colorado Bureau of Investigation to the U.S. Department of Homeland Security advising them that a person without legal immigration status attempted to buy a firearm in Colorado.

But there is no indication that anyone from Immigration and Customs Enforcement took action on that notification

https://www.cpr.org/2025/06/10/cbi-notified-homeland-security-after-attempted-gun-purchase-by-boulder-attacker/

#uspol

Colorado notified feds after failed gun purchase by accused Boulder firebomber, months before the attack

The alert contradicts claims made by U.S. Rep. Evans about Colorado’s lack of information sharing.

Colorado Public Radio
Andrew 🌻 Brandt πŸ‡2d ago
The Record3d ago

Leaders at the U.K.'s National Cyber Security Centre are calling for more political attention on cybersecurity, arguing that regulation and legislation aren't keeping up with technology.

https://therecord.media/ncsc-pushes-uk-government-create-strategic-cyber-policy-agenda

UK cyber agency pushes for 'strategic policy agenda' as government efforts stall

Leaders at the U.K.'s National Cyber Security Centre are calling for more political attention on cybersecurity, arguing that regulation and legislation aren't keeping up with technology.

Andrew 🌻 Brandt πŸ‡2d ago
Hackread.com2d ago

#OperationSecure: INTERPOL disrupts 20,000 Infostealer domains, arrests 32 and notify 216,000 victims.

Read: https://hackread.com/operation-secure-interpol-disrupts-infostealer-domains/

#CyberSecurity #CyberCrime #InfoStealer #Malware #INTERPOL

Operation Secure: INTERPOL Disrupts 20,000 Infostealer Domains, 32 Arrested

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Andrew 🌻 Brandt πŸ‡2d ago
Broadwaybabyto3d ago

Did you know it’s not just two journalists who’ve been shot while covering the LA anti-ICE protests?

It’s many more. They appear to be targeting the press. Trying to silence them. Dissuade them from reporting on what is one of the most important issues America is facing.

Does the country want to submit to a fascist authoritarian?

Or do they want to fight back?

LA has chosen to fight back. And journalists are showing up to cover it. As they should.

Adam Rose is keeping a running tally on a thread on Bluesky. Highly recommend checking it out.

here’s some of the injured:

Ryanne Mena, shot with pepper balls

Sean Becker-Carmitchel, hit multiple times

Anthony Cabassa hit in face with chemical munition

Ryanne and Sean were hit again the next day, with a tear gas cannister

No name has been given but reports of someone from KTLA being hit with less lethal ammo and going to urgent care

Lauren Tomasi hit with less lethal ammo

Nick Stern shot with less lethal ammo and requires emergency surgery

These people were clearly identifying themselves as members of the press

They were there to do their jobs

And at least in the case of Lauren Tomasi, there’s video evidence which appears to show an officer taking clear aim and firing directly at her

Say their names.

Speak up.

The public need to know the risks the press are taking just to attempt to bring truth to the masses.

The Regime have been attempting to silence, sue and throttle the press since day one.

We shouldn’t tolerate any direct attacks on them.

#ice #abolishice #uspol #fascism #journalism #la #losangeles #resist

Andrew 🌻 Brandt πŸ‡2d ago
What a wonderful thing to find out while on vacation that my phone is blowing up because a news article about #ConnectWise published yesterday (https://www.bleepingcomputer.com/news/security/connectwise-rotating-code-signing-certificates-over-security-concerns/) referenced something I posted here in April (https://infosec.exchange/@threatresearch/114315246724920453). (Thanks, Bill ❀️ & @BleepingComputer)
ConnectWise rotating code signing certificates over security concerns

ConnectWise is warning customers that it is rotating the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise RMM executables over security concerns.

BleepingComputer
Andrew 🌻 Brandt πŸ‡Jun 6
Esther SchindlerJun 5
Typewriter Simulator
I find it oddly restful. And noisy.
https://shifthappens.site/typewriter/
Shift Happens typewriter simulator

A fun way to experience a typewriter without needing to have one!

Andrew 🌻 Brandt πŸ‡Jun 5
Hat of the City of CriminalsJun 5
NY City Councilwoman Vickie Paladino is an avatar of the decline of America β€” the triumph of proudly ignorant and bigoted trash empty of any value that ever helped us thrive. An America that elects people like her β€” and Trump β€” deserves to collapse.