Cyberknow

@cyberknow.bsky.social

Situational Awareness | Threat Research | Memes | #cybertracker | 'cyberwarfare' Correspondent | Meme Farmer 🇦🇺🇦🇺 Posts and Opinions are my own

574 Followers  |  91 Following  |  46 Posts  |  Joined: 03.07.2023  |  1.9639

Latest posts by cyberknow.bsky.social on Bluesky

Updated India-Pakistan cybertracker

#indiapakistan

13.05.2025 13:26 — 👍 1    🔁 0    💬 0    📌 0
Hegseth's Use of Passwords Raises New Security Concerns

This NYT piece is half baked. Hegseth's digital footprint is sloppy, but so is that of 99% of the internet-using population. Why not talk more about MFA, strong authentication, unique passwords, the infostealer problem, etc.? So many unmentioned angles. #infosec
www.nytimes.com/2025/05/07/u...

08.05.2025 01:13 — 👍 5    🔁 2    💬 2    📌 0

🚨India-Pakistan Cybertracker #1 🚨

There are 45 hacktivists engaging in cyber activities as a result of kinetic actions between India and Pakistan.

Geopolitical flashpoints will now always trigger hacktivist activity.

Defacement and DDoS remain the most popular and prominent attack vectors.

08.05.2025 01:59 — 👍 2    🔁 0    💬 0    📌 0
Exclusive | In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks
A senior Chinese official linked intrusions to escalating U.S. support for Taiwan.

Chinese officials acknowledged in a December meeting with Biden officials in Geneva that Beijing was behind the Volt Typhoon intrusions into U.S. critical infrastructure citing increasing U.S. policy support for Taiwan as an excuse www.wsj.com/politics/nat...

10.04.2025 18:03 — 👍 56    🔁 16    💬 1    📌 3
Post image
05.04.2025 15:54 — 👍 1    🔁 0    💬 0    📌 0

Latest #cybertracker is up. Edition 30 on the 3rd anniversary of Russia's full invasion of Ukraine.

See the substack for more insights and in-depth analysis. cyberknow.substack.com/p/russia-ukr...

#cybersecurity #infosec

24.02.2025 12:32 — 👍 3    🔁 0    💬 0    📌 0

Fsociety Ransomware has posted an anonymous Australian University.

But going by the layout of the name, it could be the Australian National University.

This is a university that has strong links and overlap with government and defence in Australia.

#cybersecurity #infosec #Australia #auspol

16.02.2025 04:42 — 👍 1    🔁 1    💬 0    📌 0
ALT: a man with the words i appreciate the advice written above him

What are the tips and tricks of maximising this app? I feel like I am not getting enough out of it.

14.02.2025 12:14 — 👍 0    🔁 0    💬 2    📌 0
ClearSky Cyber Security has discovered a UI vulnerability in Microsoft Windows. This vulnerability is actively exploited by a suspected Chinese APT group - Mustang Panda.

When files are extracted from compressed “RAR” files they are hidden from the user. If the compressed files are extracted into a folder, the folder appears empty in the Windows Explorer GUI.

When using the "dir" command to list all files and folders inside the target folder, the extracted files and folders are "invisible/hidden" to the user.

Threat actors or users can also execute those compressed files from a command line prompt, if they know the exact path.
As a result of executing "attrib -s -h" to system protected files, an unknown file type is created from the type "Unknown" ActiveX component.

More details will be published in our blog.
Microsoft classified it as a low-severity vulnerability.

ClearSky claims it found a Windows UI zero-day exploited in the wild by the MustangPanda APT

x.com/ClearskySec/...

14.02.2025 12:12 — 👍 17    🔁 3    💬 2    📌 1

Israeli spyware maker NSO Group claims it rejected contracts last year worth over $20 million due to human rights abuse concerns.

Source, the company's transparency report.

PDF: www.nsogroup.com/wp-content/u...

06.02.2025 13:27 — 👍 7    🔁 1    💬 1    📌 0

Trump presidency take 2 meme summary.

04.02.2025 11:46 — 👍 0    🔁 0    💬 0    📌 0
Post image
01.02.2025 10:47 — 👍 1    🔁 0    💬 0    📌 0

A meme for the cyber pals to gear up for 2025.

22.01.2025 11:59 — 👍 1    🔁 0    💬 0    📌 0

You might have seen me post throughout the years about financially motivated hacktivists.

This is an example here, Usersec, who has been making plenty of claims lately, is offering a course for a fee to their followers.

21.01.2025 09:10 — 👍 1    🔁 0    💬 0    📌 0

Anyone got a read on this 'lockbit 4.0' telegram page? Not Vibing right.

19.01.2025 12:51 — 👍 0    🔁 0    💬 0    📌 0

Standard operating procedure for pro-Russian hacktivists and especially Noname05716. Triggered by geopolitical events to conduct DDoS attacks, this time on the UK.

#cybersecurity #UK #russiaukrainewar

18.01.2025 10:40 — 👍 0    🔁 0    💬 0    📌 0

Is this what is happening to Tik Tok? 🤷‍♂️🤷‍♂️🤷‍♂️

17.01.2025 21:14 — 👍 0    🔁 0    💬 0    📌 0

The first indication that pro-Russian hacktivists will be active for President Trump's inauguration is starting to appear.

Expect hacktivist groups to be active closer to the 19th, conducting mostly DDoS - noname05716 and overflame to likely be the most active.

#cybersecurity #usa

15.01.2025 21:41 — 👍 0    🔁 0    💬 0    📌 0
Coldplay and Upsahl songs stolen by Luton cyber hacker
Skylar Dalziel made about £42,000 from selling music she had stolen, including Shawn Mendes music.

British authorities have sentenced 22-year-old Skylar Dalziel to 21 months in prison for hacking and stealing unreleased music from famous artists like Coldplay and Bebe Rexha

www.bbc.com/news/article...

09.01.2025 13:47 — 👍 3    🔁 1    💬 1    📌 0

Is it a form of flattery that makes some cyber actors use @briankrebs.bsky.social's name and images? It can't be a means of attention since the groups never get a mega boost from it.

Seems to happen on occasion on Breach and now a bit on Telegram.

08.01.2025 11:34 — 👍 0    🔁 0    💬 0    📌 0

Hacktivist activity linked to geopolitical events won't be slowing down in 2025.

We can expect more convergence between pro-Russian and pro-Palestine hacktivists.

We will also continue to see new groups emerge, like Moscow Pentest.

07.01.2025 10:23 — 👍 5    🔁 2    💬 0    📌 0

Pro-Palestine hacktivists RootDos are targeting Migros bank in Europe.

The group exclusively targets European banks and often disrupts websites with their DDoS attacks.

#cybersecurity

07.01.2025 07:08 — 👍 0    🔁 0    💬 1    📌 0

Pro-Russian hacktivists, Zarya, announce they have been in the shadows for 2024 but will share what they have been up to in 2025.

The group has been linked to Russian state-cyber actors.

#RussiaUkraineWar #cybersecurity

07.01.2025 06:18 — 👍 1    🔁 0    💬 0    📌 0

Apparently there is a Russian tourist site for parts of Ukraine. Hdr0, pro-Ukraine hacktivists, have defaced the site in protest.

#RussiaUkraineWar #cybersecurity

07.01.2025 06:18 — 👍 1    🔁 0    💬 0    📌 0

Anonymous Libya have commenced operations and declare interest in targeting NATO and the United States.

#cybersecurity #Libya

07.01.2025 06:06 — 👍 0    🔁 0    💬 0    📌 0

Hacktivist cross-overs with other threats continue.

Alliance404, a pro-Palestine, pro-Islam hacktivist group, has now become the cyber-wing of a newly formed 'self-claimed Islamic resistance group' with possible links to Hezbollah known as 'Al-Islamiya Brigade'.

07.01.2025 05:39 — 👍 0    🔁 0    💬 0    📌 0
Post image
17.12.2024 10:52 — 👍 3    🔁 0    💬 0    📌 0

Holy League and their pro-Russia groups continue to move through Europe. This often happens when there is not a definitive geopolitical trigger to drive targeting.

15.12.2024 10:55 — 👍 0    🔁 0    💬 0    📌 0

Holy League has re-established itself as the unofficial command and control for many pro-Russian groups.

This comes after a leadership change for Cyber Army Russia Reborn, who has been in charge since the civil war of late 2023.

#cybersecurity #RussiaUkraineWar

15.12.2024 10:55 — 👍 2    🔁 0    💬 1    📌 0

Several hacktivist groups were active in support of rebel forces since 1 December.

Also been a few groups who are now targeting Russia due to them harbouring Assad.
#cybersecurity #Syria #Russia #cybertracker

10.12.2024 11:36 — 👍 4    🔁 5    💬 0    📌 0