tlansec

@tlansec.bsky.social

Threat Intel @volexity.com n stuff. London, UK.

793 Followers  |  280 Following  |  47 Posts  |  Joined: 01.06.2023  |  1.7266

Latest posts by tlansec.bsky.social on Bluesky

ALT: two purple beach chairs on the beach with the words these are waiting for us

Reminder that the #PIVOTcon2026 CFP closes this Friday, February 6. Get those papers in. We want to see you at @pivotcon.bsky.social in Malaga! 😎

03.02.2026 15:59 — 👍 7    🔁 5    💬 0    📌 0
Security Update Guide - Microsoft Security Response Center

You say "Security Feature Bypass"... I say.... "Remote Code Execution":

msrc.microsoft.com/update-guide...

03.02.2026 12:14 — 👍 2    🔁 2    💬 1    📌 0
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit
Rapid7 Labs, together with the Rapid7 MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group Lotus Blossom.

For folks looking for Notepad++ IoCs, @rapid7.com just dropped a write-up. www.rapid7.com/blog/post/tr...

02.02.2026 16:52 — 👍 8    🔁 5    💬 1    📌 0

#apt #unk via VT
BULLETEN_H.doc 7c396677848776f9824ebe408bbba943
1291.doc d47261e52335b516a777da368208ee91
Courses.doc 2f7b4dca1c79e525aef8da537294a6c4
Consultation_Topics_Ukraine(Final).doc 95e59536455a089ced64f5af2539a449
freefoodaid[.]com wellnessmedcare[.]org

30.01.2026 21:23 — 👍 2    🔁 1    💬 0    📌 0

A++

30.01.2026 21:29 — 👍 2    🔁 0    💬 0    📌 0

I promise you. I absolutely guarantee. You are not ready for what happens when you click this link. ovu.moe

30.01.2026 07:32 — 👍 247    🔁 44    💬 123    📌 42

WHAT?!?

LABYRINTH CHOLLIMA is evolving!

Congratulations

Your LABYRINTH CHOLLIMA evolved into LABYRINTH CHOLLIMA!

29.01.2026 19:33 — 👍 5    🔁 1    💬 2    📌 0

That parameter is also a palindrome and does the same thing in reverse!

22.01.2026 09:50 — 👍 2    🔁 0    💬 1    📌 0
Release v1.11.0 · VirusTotal/yara-x
Make the parser stricter (#502). Implement dex module (#458). Implement C api console log (#515). Implement permhash for the crx module (#510). Implement the imports() method for the Rules object i...

github.com/VirusTotal/y... - 1.11.0 is out! Lots of new features, modules and bug fixes. Read the release notes and congrats to Victor and the contributors!

09.01.2026 13:43 — 👍 7    🔁 3    💬 0    📌 0

Microsoft is so fucking stupid.

Microsoft renamed Microsoft Office to Microsoft 365 Copilot App

I'm not joking

05.01.2026 17:31 — 👍 2210    🔁 532    💬 166    📌 738

Volexity Volcano Server & Volcano One v25.12.18 adds 300+ YARA rules, full parsing of Windows prefetch and Linux cron jobs, inline syscall hooking detection, and 5-level page table support. [1/3]

05.01.2026 16:39 — 👍 1    🔁 1    💬 1    📌 0

Narrator Voice: And so thousands of infosec people looking for relevance and attention logged into VirusTotal looking for samples uploaded from Venezuela in the last year.

04.01.2026 23:32 — 👍 11    🔁 2    💬 0    📌 0

finally, we're living through precedented times

04.01.2026 06:56 — 👍 18391    🔁 2385    💬 202    📌 93

Some phishers have taken inspiration from Russian cyber-espionage group UTA0355 and are using a technique that tricks users into sharing their OAuth material in a web page (UTA0355 did it via email replies)

pushsecurity.com/blog/consent...

11.12.2025 18:13 — 👍 12    🔁 2    💬 0    📌 0

everyone in the uk, internally hears: _OH DARLING HOLD MY HAND_

08.12.2025 09:38 — 👍 3    🔁 0    💬 0    📌 0

A study in the evolution of SVR cyberespionage tradecraft

06.12.2025 19:07 — 👍 22    🔁 4    💬 0    📌 1
Dangerous Invitations: Russian Threat Actor Spoofs European Security Events in Targeted Phishing Attacks In early 2025, Volexity published two blog posts detailing a new trend among Russian threat actors targeting organizations through the abuse of Microsoft 365 OAuth and Device Code authentication workf...

@volexity.com tracks a variety of threat actors abusing Device Code & OAuth authentication workflows to phish credentials, which continue to see success due to creative social engineering. Our latest blog post details Russian threat actor UTA0355’s campaigns impersonating European security events.

04.12.2025 18:36 — 👍 10    🔁 8    💬 0    📌 0

On the plus side, every time there's a Cloudflare outage 1000s of threat actors around the world have their malware C2 go down for a few hours.

05.12.2025 10:16 — 👍 11    🔁 1    💬 0    📌 0

I don't work for Insikt Group.

05.12.2025 10:03 — 👍 0    🔁 0    💬 1    📌 0
CTO at NCSC Summary: week ending November 30th
“A lack of liability for software vendors is among the most pressing issues putting Britain’s economic and national security at risk”

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

29.11.2025 10:28 — 👍 3    🔁 2    💬 0    📌 0

🎡🎢All I want for Christmas is… electrons 🎢🎡

21.11.2025 15:09 — 👍 3    🔁 1    💬 0    📌 0
Release v1.10.0 · VirusTotal/yara-x
New yr fix warnings command (#493). Generate more efficient WASM code for some expressions, reducing the size of compiled rules (5efc214, a865681). Improve the API for traversing the AST in DFS ord...

Yara-x 1.10.0 released today! It can now automatically fix some warnings, and some improvements in code generation. This is another great step forward for the project.

github.com/VirusTotal/y...

20.11.2025 18:33 — 👍 7    🔁 2    💬 0    📌 0
ALT: A picture of the evolution of warfare rising from early primate with a bone all the way to a threat developer hunched over a laptop.

Really digging this year’s CYBERWARCON logo

19.11.2025 15:49 — 👍 10    🔁 5    💬 1    📌 0
ALT: a man says where do i register in front of a woman

#PIVOTcon26 registration is now OPEN 🤟📷 #ThreatResearch #ThreatIntel 📷https://pivotcon.org
Please read carefully the whole 🧡 for the rules about invite -> registration (1/6)🌐

13.11.2025 15:28 — 👍 15    🔁 12    💬 1    📌 1

Enhance your CyberChef experience with GeoCities mode!

13.11.2025 20:42 — 👍 2    🔁 1    💬 0    📌 0

Remember NFTs? 😂😂😂😂😂😂😂

11.11.2025 01:00 — 👍 77    🔁 12    💬 11    📌 3
YouTube video by Oli Frost Private jets don't pay fuel tax. Now I don't either.

This is so good. bahahaha:

www.youtube.com/watch?v=dr9M...

07.11.2025 10:27 — 👍 3    🔁 0    💬 0    📌 0
Tech Talks - Call for Papers

At @ncsc.gov.uk we have just launched the CyberUK tech talks call for papers across three topics

- Cyber applications of AI
- What works: approaches that reduce cyber harm
- The evolving threat

www.cyberuk.uk/2026/call-fo...

06.11.2025 20:12 — 👍 5    🔁 9    💬 0    📌 0

my response to this is the loudest OK BRO you've ever heard in your life

06.11.2025 22:10 — 👍 16    🔁 2    💬 1    📌 0
