the grugq's newsletter

March 2, 2025

🚨 - The @RecordedFuture 2024 Malicious Infrastructure Report is here! I know many of you have been looking forward to this! Insikt Group significantly expanded its tracking of malicious infrastructure over the past year. Findings below!

Blog: https://t.co/5xthB0x4C9 pic.twitter.com/838Jcko4K1

— Alexander Leslie (@aejleslie) February 28, 2025


Interesting result if you're looking for proxies for progress on exploit generation https://t.co/v60jKMkfNG

— Sean Heelan (@seanhn) March 1, 2025


A security firm providing services to threat actors? 🥴

BGP routing suggests that @kaspersky is providing internet connectivity to a large Russian cyber crime outfit called "Prospero" 👀. According to @Intrinsec, both Securehost and BEARHOST are hosting their infrastructure on…

— abuse.ch (@abuse_ch) March 1, 2025


So here's a simple request to Apple. Apple iMessage needs to enable “disappearing messages.” And they need to do it soon. https://t.co/eAfr2Hnhi9

— Matthew Green is on BlueSky (@matthew_d_green) March 1, 2025


The United States is falling “increasingly behind” its adversaries in cyberspace, according to former US Cyber Command and NSA director Nakasone: https://t.co/00QOm8ebjT

— Electrospaces (@electrospaces) March 1, 2025


"Always/Never: The Quest for Safety, Control & Survivability is a first-person documentary film about the use, control, detonation safety, and survivability of US nuclear weapons with an emphasis on the contributions of the DOE/NNSA nuclear weapon laboratories from 1945 to 1991.…

— Dino A. Dai Zovi (@dinodaizovi) March 1, 2025


In 1960 the Joint Intelligence Committee and GCHQ launched an urgent investigation when it became clear that Sir Winston Churchill's private papers, then in public hands, contained 'ULTRA' material.

Short thread and PSL blog on keeping ULTRA secret in the 1960s... pic.twitter.com/1HsCpG9chO

— Sir Humphrey (@pinstripedline) February 28, 2025


how to gain code execution on millions of people and hundreds of popular apps
and of course, firebase was (partially) the cause https://t.co/U7j7YcYS18

— xyzeva (@xyz3va) February 28, 2025


Atomic Red Team™ is a library of tests mapped to the MITRE ATT&CK® framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments. https://t.co/JsL1PW67b1

— Nicolas Krassas (@Dinosn) February 28, 2025


One of the advantages of using Safe{Wallet}: "Eliminate single points of failure" pic.twitter.com/SoZrsyqInj

— Costin Raiu (@craiu) March 1, 2025


Watch a short ad before your terminal commands are executed

(this sucks, and actually works) pic.twitter.com/jo3JCRII7E

— Navid Mafi (@NavidMafi) February 27, 2025


When I noticed AMSI behaving weird, such as no longer detecting the "amsiscanbuffer" as malicious I thought my VM was bad, now when working with execute-assembly and noticed my PS1 scripts were fine but my .NET was flagged I assumed I failed in the AMSI bypass: #redteam pic.twitter.com/UM4mbwMyRm

— David (@dmcxblue) March 1, 2025


BypassAV. List of essential techniques to bypass anti-virus and EDR https://t.co/azKMvxy0ux

— DirectoryRanger (@DirectoryRanger) March 1, 2025


Why this matters:
1. While NSA doesn't have to stand down, many service members working *at* NSA work for their individual services, addressing their intel priorities. The national mission broadly benefits from this. 1/ https://t.co/CgPBERfiQB

— Jake Williams (@MalwareJake) February 28, 2025

Thread

Thread by @MalwareJake on Thread Reader App


Bybit incident response report

DocSend

Related

Calling all malware reverse engineers, please take a look at this. It's a sample of the JavaScript Lazarus used on Safe to steal 1.4B from ByBit. https://t.co/PsI8z1BCyW

— vxdb (@vxdb) March 1, 2025

Sample is now on VT!

🚩 Hash: fbd5e3eb17ef62f2ecf7890108a3af9bcc229aaa51820a6e5ec08a56864d864d
🎯 Actor name: Lazarus
🔹 Comment: The Safe{Wallet} JavaScript used by Lazarus in the ByBit hack that was deployed Feb 19, 2025 17:29:05 and replaced with the original clean version…

— Is Now on VT! (@Now_on_VT) March 1, 2025

https://www.virustotal.com/gui/file/fbd5e3eb17ef62f2ecf7890108a3af9bcc229aaa51820a6e5ec08a56864d864d


#SpyNews - week 9 (February 23-March 1):
A summary of 86 espionage-related stories from week 9 coming from 🇦🇺🇮🇱🇫🇷🇺🇸🇺🇦🇷🇺🇨🇳🇺🇿🇹🇷🇿🇦🇬🇧🇦🇫🇮🇶🇸🇴🇧🇪🇰🇵🇰🇷🇯🇵🇨🇭🇨🇦🇮🇳🇱🇾🇦🇪🇨🇾🇵🇭🇵🇸🇧🇾🇻🇺🇳🇨🇸🇪🇪🇸🇱🇧🇸🇬🇪🇬🇮🇷🇷🇸🇫🇮🇻🇳🇭🇰🇹🇼🇵🇰🇳🇪🇽🇰🇵🇱🇦🇷 https://t.co/aaxbzW2JQo #espionage #spy #OSINT #SIGINT #HUMINT

— Spy Collection (@SpyCollection1) March 2, 2025
