CYBERWARCON is ONE WEEK AWAY! 💣💥💻 ✉️

Check out our website to view the agenda and plan your day, read more about our speakers, or buy a last minute ticket!

We can't wait to see everyone in Arlington, VA on November 19th!

www.cyberwarcon.com

12.11.2025 19:21 — 👍 4    🔁 3    💬 0    📌 0

I couldn't have asked for a better venue than #RooCon25
🇦🇺 for my first Cyber Threat Intel talk! It was an amazing and surreal experience. A huge thanks to the organizers for having me and another thanks to everyone that attended!

10.11.2025 17:55 — 👍 1    🔁 0    💬 0    📌 0

Meet our speaker Patrick Whitsell!

Patrick has expertise in monitoring and defending against cyber espionage threat actors.

His talk, "Cyber(trade)war: Paradigm Shift in Economic Espionage", will cover the shift in PRC state-sponsored cyber espionage.

Learn more! www.cyberwarcon.com

05.11.2025 19:47 — 👍 4    🔁 3    💬 0    📌 1

Yes, no, maybe robot?? Which is it @wxs.bsky.social!? 🤖

21.10.2025 00:12 — 👍 0    🔁 0    💬 1    📌 0

I'm super excited to be speaking at @cyberwarcon.bsky.social
this year! The lineup looks amazing, as always. including a keynote with Dimitri Alperovitch. 🤯

Check out the full agenda here!
cyberwarcon.com/agenda-25

09.10.2025 14:21 — 👍 1    🔁 0    💬 0    📌 0

Join @austinlarsen.me and me next Tuesday for a deep-dive into PRC-nexus threat actor capabilities! Learn about advanced social engineering tactics, novel malware delivery, and strategies to defend your organization.

www.brighttalk.com/webcast/7451...

09.09.2025 22:49 — 👍 1    🔁 1    💬 0    📌 0

PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats | Google Cloud Blog A social engineering campaign leveraging signed malware, evasive tactics, and captive portal hijacking.

New GTIG blog just dropped! 🥸🇨🇳🌐💼 ”Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats"! We're analyzing an operation that has it all; AitM, social engineering, signed malware, and more! Get the full breakdown here:
cloud.google.com/blog/topics/...

25.08.2025 16:13 — 👍 2    🔁 0    💬 0    📌 1

What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia | Google Cloud Blog A Russia-sponsored threat actor is impersonating the U.S. Department of State, and using phishing to gain access to email accounts.

So @gabagool.ing (who will henceforth be referred to as "gabbot") and I wrote some stuff on some ASP phishing campaigns: cloud.google.com/blog/topics/...

Citizen Lab worked closely with one of the targets and shared their work on it also: citizenlab.ca/2025/06/russ...

18.06.2025 17:04 — 👍 10    🔁 7    💬 0    📌 2

COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs | Google Cloud Blog Russian government-backed group COLDRIVER is using LOSTKEYS malware to steal files and system information from NGOs and western targets.

I wrote some details on LOSTKEYS: malware which we directly attribute to COLDRIVER. They don't deploy it often, but we have seen it a few times and want to make people aware of it.

cloud.google.com/blog/topics/...

07.05.2025 14:13 — 👍 18    🔁 14    💬 1    📌 1

a man and a woman are standing next to each other in a room and the man is talking to the woman . ALT: a man and a woman are standing next to each other in a room and the man is talking to the woman .

I thought going overboard on emojis was a requirement for blog announcements?

28.05.2025 18:51 — 👍 1    🔁 0    💬 1    📌 0

🚨 Heads up! 🚨 APT41 is using Google Calendar 🗓️ as their latest C2 trick. GTIG just pulled back the curtain 🎭 on the TOUGHPROGRESS malware campaign and how we shut it down 💪. Dive into the details here: 🚀https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics

28.05.2025 14:11 — 👍 8    🔁 4    💬 1    📌 3