March 12, 2025
In-Depth Technical Analysis of the Bybit Hack #Lazarus https://t.co/chfR1uQ7Wg pic.twitter.com/dqMCJEBpiK
— blackorbird (@blackorbird) March 11, 2025
Just published in the Journal of Cold War Studies!
My article surveys more than 50 books & provides short biographical notes on the intelligence authors, historians & retired #KGB officers-turned-writers in Putin's Russia. @SocIntelHist @CWIHP ⬇️ https://t.co/72Xud1ZjsA
— Filip Kovacevic (@ChekistMonitor) March 11, 2025
⬇️
RogueSliver: disrupt campaigns using the Sliver C2 framework https://t.co/1ilKHcSue5
— Nicolas Krassas (@Dinosn) March 11, 2025
"virtually all modern internet services experience [DDoS attacks] and must proactively defend themselves.... [But] some X...servers...weren't properly secured behind the company's Cloudflare DDoS protection and...as a result attackers could target them" https://t.co/LPAWFy57H6
— Kim Zetter (@KimZetter) March 11, 2025
https://blog.doyensec.com/2025/03/04/exploitable-sshd.html
Zack Whittaker: "NEW by @carlypage: CISA had another round of layo…" - Mastodon
NEW by @carlypage: CISA had another round of layoffs, per people directly affected, said to be more than a hundred CISA employees. Red team staffers and its Cyber Incident Response Team (CIRT) are affected. More: https://techcrunch.com/2025/03/11/doge-axes-cisa-red-team-staffers-amid-ongoing-federal-cuts/
Did you know that pressing CTRL+D in linux terminal is like pressing ENTER? (to some extent, of course)
Well, I didn't, so after randomly investigating what CTRL+D actually does, I've decided it's a fun topic to write about: https://t.co/xEBGw1um3c
— Gynvael Coldwind (@gynvael.bsky.social) (@gynvael) March 11, 2025
NEW: Apple patched a zero-day in WebKit that “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
This is the second time, AFAICT, that Apple uses the "extremely sophisticated" phrase for a patched bug. https://t.co/ZROZ0MULTL
— Lorenzo Franceschi-Bicchierai (@lorenzofb) March 11, 2025
My @Disobey_fi talk is finally out! Link to video and slides available at https://t.co/nuOW6Vp6Dz
And yes, NotMyNick used some weird filter, I'm not that fat nor old 😜 pic.twitter.com/xuECGJuVOQ
— Dr. Nestori Syynimaa (@DrAzureAD) March 11, 2025
Looks like all the new AMOS builds are being delivered from the panel with new Anti-VM techniques, checking system memory details and checking if they contain vendor-specific strings like "QEMU" or "VMware".
The old anti-VM technique on AMOS was deleted a few days ago https://t.co/lLnMVWtPNW pic.twitter.com/tuzL9Mknrj
— Who said what? (@g0njxa) March 11, 2025
NEW macOS 15.3 🥫🍝 sauce! 🎉
xnu: https://t.co/BQZhpM0pjD
dyld: https://t.co/0nYAYzFM39
Security: https://t.co/lTUUh1ON7k
- this post was generated by `ipsw` 🤖
— Blacktop (@blacktop__) March 11, 2025
https://t.co/hSnQgZRANa https://t.co/FmnBSjVa48 pic.twitter.com/tcuZZGFbna
— xvonfers (@xvonfers) March 11, 2025
📢 Join the OCWG Online Workshops on Offensive Cyber
We are holding 4 online workshops, based on a proposed 'COP' framework and on lessons from Ukraine.
• Concepts (17 March)
• Organisation (25 March)
• Practice (1 April)
• Ukraine (6 May)
More 🔽 https://t.co/RW8A557OLD
— Offensive Cyber Working Group (@Offensive_Cyber) March 8, 2025
The Microsoft Vulnerable Driver Blocklist and WDAC fail in 3 different ways to achieve what Microsoft claims they do.
MSRC claims they (CWE-693) are not vulnerabilities, so they won't fix them
If you rely on these features, be prepared to be let down. https://t.co/kKR3DHmk5L
— Will Dormann is on Mastodon (@wdormann) March 11, 2025

Will Dormann: "I recently deleted a thread here as my tests were…" - Infosec Exchange
I recently deleted a thread here as my tests were not valid. What was wrong? The driver I was using as an example of "blocked via signer" was indeed in the Microsoft recommended driver block rules list for TWO YEARS (It's present in a March 2023 version of the list). Given that the blocklist is updated on W...
Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies https://t.co/w7bJ4eqPtG
— Panos Gkatziroulis 🦄 (@netbiosX) March 11, 2025