SwitHak (👁️)

Army Secretary forces West Point to rescind appointment given to Easterly The United States Military Academy abruptly ended the appointment of Jen Easterly to a high-profile academic position in West Point’s Department of Social Sciences, according to a memorandum issued We...

In another episode of “we live in the stupidest timeline,” Jen Easterly, a woman I have (1) never met and (2) did not work for, had her appointment at West Point terminated because Laura Loomer lied about both of us in a tweet.

cyberscoop.com/jen-easterly...

Russia will move its electronic document signing system from its official government portal to the new Max national messenger app

Officials plan to integrate government services into Max by October and transform it into an everything-app for Russians—like China's WeChat.

www.rbc.ru/rbcfreenews/...

Decoding Secrets Through Symbols: How Military Insignia Revealed Russia's Hidden SIGINT Network - CheckFirst Sometimes the best intelligence comes from the most unexpected sources. Our latest investigation proves this by using Russian online military insignia stores to map one of the FSB's most secretive uni...

Decoding Secrets Through Symbols: How Military Insignia Revealed Russia’s Hidden SIGINT Network by @checkfirst.network
↘️
checkfirst.network/decoding-sec...

Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy An Armenian national extradited from Ukraine to the United States faces federal charges for his role in Ryuk ransomware attacks and extortion conspiracy targeting companies throughout the United State...

Armenian extradited to US for role in Ryuk ransomware attacks

www.justice.gov/usao-or/pr/a...

Exploitation of CitrixBleed 2 (CVE-2025-5777) Began Before PoC Was Public GreyNoise has observed active exploitation attempts against CVE-2025-5777 (CitrixBleed 2), a memory overread vulnerability in Citrix NetScaler. Exploitation began on June 23 — nearly two weeks before a public proof-of-concept was released on July 4.

🩸& #threatintel | We (GreyNoise) just published a quick note (www.greynoise.io/blo...) regarding CVE-2025-5777 - CitrixBleed 2
1/2

Finally got the time to read it.
So great paper, a lot of red flags and got me some thoughts about how you can apply these lessons to vetting sources in the Cyber ops.
Also a very good case to study!
Thanks for the work @wylienewmark.bsky.social

Congratulations 🎉
I need to find time to read this one, also the other papers in the issue are looking great too 👀

*sarcastic*
That's how you get the big guys to know your service name, important during the budget decision to have support from them, especially in these cuts and DOGE thingies...

Outstanding work from @julianferdinand.bsky.social, @lawrencesec.bsky.social, and our Malicious Infrastructure Discovery (MID) team.

GrayAlpha shows how financially motivated actors operate with APT-level tradecraft.

Time to retire old threat models. Think in terms of ecosystems, not just malware.

NSO Group asks judge for new trial, calling $167 million in damages 'outrageous' | TechCrunch The spyware maker claims the damages it was ordered to pay are "excessive," and that the jury wanted to “bankrupt” the company.

NEW: NSO Group is trying to avoid paying $167 million in damages to WhatsApp.

In a court filing last week, the spyware maker asked the judge to order a new trial, or reduce the damages amount, arguing that the decision was “outrageous," and "reflects the improper desire to bankrupt NSO."

I can't wait to read the SDR that some say it should be released next Week (Monday).

Good work!
Also I would have added the IG/L part to explain why sometimes the technical evidence isn't released.
Also, it would benefit from distinguishing between Political attribution and the Technical one, some states do one, not the other.

License Plate Reader Company Flock Is Building a Massive People Lookup Tool, Leak Shows Flock, which has license plate readers (LPRs) all around the country, wants police to be able to “jump from LPR to person,” according to leaked audio obtained by 404 Media.

New from 404 Media: Flock, the license plate reader company that has cameras all across the U.S., is now building a massive people lookup tool using hacked data. The plan is to "jump from LPR to person." Won't require a warrant. This is according to leak we obtained.

www.404media.co/license-plat...

Exposing DPRK - DTEX Systems Explore DPRK cyber strategy and threat indicators. Uncover how North Korean operatives and IT workers drive global cyber espionage.

Exposing #DPRK:
Nation-State Threat Actors
↘️
www.dtexsystems.com/exposing-dprk/

After a post‑pandemic dip in 2022, Canadians' social media account ownership and usage have largely rebounded, new State of Social Media in Canada 2025. (n=1,500) socialmedialab.ca/2025/05/05/n...

EFF Leads Prominent Security Experts in Urging Trump Administration to Leave Chris Krebs Alone SAN FRANCISCO – The Trump Administration must cease its politically motivated investigation of former U.S. Cybersecurity and Infrastructure Security Agency Director Christopher Krebs, the Electronic F...

Now is the time to stand up against the Trump administration as it tries to bully the cybersecurity community by targeting Chris Krebs. Sign on to our open letter:

www.eff.org/press/releas...

🪧Rethinking Data Visualisation for CTI
🗣️Chris Horsley at @cosiveco
⏱️074250 - 081320

🪧Scoring Vulnerabilities by Leveraging Activity Data from the Fediverse
🗣️ @adulau & Cédric Bonhomme at @circl_lu
⏱️071000 - 074220
↘️
www.vulnerability-lookup.org

🪧Bridging Gaps in CTI: Using PIRs for Threat-Informed Security
🗣️Keith Swagler, Ondra Rojcik & Ondra Rojčík @RedHat
⏱️061354 - 064029
↘️
red.ht/pir

🪧Analyst in a SOC by Day, CTI Developer by Night
🗣️ Bianka Bálint at DEKRA
⏱️ 054130 - 061340

🪧Securing Green Energy: CTI, OT, and Geopolitics
🗣️ Ilmar Üle @Orsted
⏱️TLP:AMBER (Not Available)

Report: The Influence of Geopolitics on Cyber Threat Intelligence Teams In today’s volatile world stage, the convergence of geopolitical and cyber threats creates complex challenges for organisations across the globe. Understanding how these issues intersect is essential ...

🪧Leveraging Geopolitical Intelligence in the Private Sector: Key Findings from a Multi-Industry Study
🗣️ @Silobreaker
⏱️032400 - 035350
↘️ (Gated Access)
www.silobreaker.com/resources/re...

SIMKRA – Medium Read writing from SIMKRA on Medium. Every day, SIMKRA and thousands of other voices read, write, and share important stories on Medium.

🪧Navigating the Fog of War
🗣️ @simonekrausora1 & @_John_Doyle
⏱️025510 - 032340
↘️
medium.com/@simone.kraus

🪧Numbers Game, The case for quantifying Cyber Threats
🗣️Scott Small @TidalCyber @scott
⏱️022430 - 025454
↘️
www.tidalcyber.com/threatpebook...

CTI-CMM on X: "🚨 Big News! Version 1.2 of the CTI-CMM framework is here! 🚨 We’re proud to officially debut this release at the FIRST CTI Conference during the talk: 🎤 "Immaturity Can Be Fun: Just Not in a CTI Program" 🎤 by @gertjanbruggink What’s new in v. 1.2? ✨ A brand-new https://t.co/G16C5RxOTN" / X 🚨 Big News! Version 1.2 of the CTI-CMM framework is here! 🚨 We’re proud to officially debut this release at the FIRST CTI Conference during the talk: 🎤 "Immaturity Can Be Fun: Just Not in a CTI Program" 🎤 by @gertjanbruggink What’s new in v. 1.2? ✨ A brand-new https://t.co/G16C5RxOTN

🪧 Immaturity can be fun. Just not in a CTI Program!
🗣️ @gertjanbruggink
⏱️012700 - 015454
↘️
x.com/CTIcmm/statu...

🪧Decoding a Decade: 10 Years of Applied CTI Discipline
🗣️ @PDXbek @asfakian
⏱️ 005450 - 012600

2025 FIRST CTI Conference - Day 1 Plenary Sessions - Live Stream YouTube video by FIRST

#FIRSTCTI25 2025 Berlin | Day 01
↘️
www.youtube.com/live/2pSjbSx...

We're suing Trump to save library funding. Show up for our libraries, American Library Association.

NEW: ALA is going to court to stop the President’s attempts to illegally dismantle the Institute of Museum & Library Services.

The President does not have the authority to destroy a federal agency. That's why we're taking action with our co-plaintiff @afscme.bsky.social. #ForOurLibraries (1/3)

Merci au @lemonde.fr de publier ce soir ma tribune, écrite après ma relaxe par le tribunal de Créteil, qui faisait suite au procès en diffamation intenté par la chaîne RT France contre mon éditeur, l'INA, et moi-même. 1/3

#StandUpForScience

Guerre en Ukraine : trois années d'opérations informationnelles russes

Trois ans après le déclenchement de l’invasion du territoire ukrainien par les forces armées de la Fédération de Russie, #VIGINUM publie une synthèse des principaux modes opératoires informationnels observés depuis le 24 février 2022 ➡️ www.sgdsn.gouv.fr/publications...