Andrew 🌻 Brandt

@threatresearch@infosec.exchange
3.2K Followers
769 Following
5.3K Posts

Words published here do not necessarily reflect views of my employer or any other organization I am affiliated with.

Research and analysis about malware, network forensics, and the intersection of crime with anything that electrons or photons flow through.

Board member of World Cyber Health, the parent organization behind Malware Village and the NO-HAVOC project.

Docent of obsolete technology at @mediaarchaeologylab

Executive director, Elect More Hackers: electmorehackers.com

"By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges." -- Cory Doctorow

Backup tooter: @threatresearch.bsky.social
Threat level: mostly harmless
creating an account on, then putting all your data into whatever the newest "we built this all with ai" tech company product is

I had already basically written off ever going back to the United States ever again, but these (repeated) stories of completely innocent travellers getting detained and deported are the nail in the coffin.

https://www.newyorker.com/news/the-lede/how-my-reporting-on-the-columbia-protests-led-to-my-deportation

How My Reporting on the Columbia Protests Led to My Deportation

Alistair Kitchen on being detained at Los Angeles International Airport and sent back to Australia because of his reporting on the protests at Columbia University criticizing Israel’s actions in Gaza.

The New Yorker

@heidilifeldman The USA has such deep structural/cultural issues with religion, dumbness, greed and gullibility that, as a European, I often feel frustrated beyond belief trying to "stand with you" fellow libs but I try to hang on...

The American fascist project has for over a decade drained your country's historical ability to help democracy movements around the world, and that is by design. UK's brexit (many same people behind it), PRC's crushing of Hong Kong's civil society and military expansionism, russia's invasion of Ukraine and renewed imperial belligerence, Burma/Myanmar freedom struggle, much of Africa under authoritarian rule, Netanyahu's Israel under attack and lashing out...

Democracy and civil liberties are under attack globally and the enemies feel increasingly emboldened, with china and russia the main instigators and providers.

All democracies since ca. 1990 are guilty of putting profits above values and empowering autocrats instead of using their then-powerful positions to prioritize democratic development. So here we are.

The despots are collaborating to save their despotic asses and they want democracy eradicated. Our democracies should finally wisen up to that fact.

“Your freedom and mine cannot be separated.”

Nelson Mandela realised that. We should have listened.

To use some philosophical terminology, a serious struggle against authoritarianism requires deontological fervor. You participate because it is the right thing to do, not because of the odds of success. It is a moral fight, not just an instrumental one. 5/

Analysis of a Malicious WordPress Plugin: The Covert Redirector

A malicious WordPress plugin named 'wordpress-player.php' has been discovered, affecting at least 26 websites. The plugin injects a hidden HTML5 video player and establishes a WebSocket connection to a command and control server. It redirects visitors to suspicious websites after 4-5 seconds, avoiding execution for logged-in users. The malware uses a fake 'WordPress Core' author name to evade detection. It impacts website integrity through unauthorized redirects, SEO degradation, and potential security risks to visitors. Mitigation steps include thorough scanning, malware removal, credential resets, software updates, and implementing a Web Application Firewall.

Pulse ID: 68536e4f88b62f5f7d8c4865
Pulse Link: https://otx.alienvault.com/pulse/68536e4f88b62f5f7d8c4865
Pulse Author: AlienVault
Created: 2025-06-19 01:56:31

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #ESET #GRIT #HTML #InfoSec #Malware #OTX #OpenThreatExchange #PHP #RDP #Word #Wordpress #bot #AlienVault


Wow.

Absolute home run ad from Rep. Eric Swalwell

🔥

First word from the muskrat about the cause of the Ship 36 pad explosion is it seems a nitrogen COPV in the payload bay failed (below its proof pressure). Carbon fiber bottles are teh suck (as OceanGate Titan and AMOS-6/Falcon-9 can also attest).
@cstross I'm starting to think that the Space Nazi is not very good at building space ships.
@cstross Carbon composite is showing itself to be impressively versatile. Whether your application calls for a catastrophic implosion, or a catastrophic explosion, carbon composite has got you covered.

A visual like this makes it look like progress is a straight line but the truth is more nuanced. During the Reconstruction from 1865 to 1877, Black people in the American South had civil rights. Eventually there was a backlash which led to almost 80 years of repression via Jim Crow laws.

We are currently living through another backlash era with Trump following Obama.