
Daniel

@DanielOfService

Cybersecurity enthusiast with the main interest in DFIR | Tweet in English and Indonesian

Pinned

Have a mixed feeling of excitement and nervousness for publishing my very first malware analysis write-up ever: Deobfuscating Tricky Excel Macro and Nine Layers of Powershell Obfuscation Underneath It danielsuryanata.wordpress.com/2019/05/30/deo…


Daniel reposted

🇰🇵 Livestreaming from a #Lazarus laptop farm. 📼 For the first time ever, we recorded DPRK’s Famous Chollima full attack cycle: interviews, internal chats, every tool they use and every single click they made. Get ready for tons of raw footage. ⬇️ Full article via ANYRUN.


Daniel reposted

🚨 New Shai-Hulud-style npm attack hitting 25k+ repos and growing fast. Devs & CI/CD exposed via malicious preinstall. Wiz Research has detection + mitigation. Details: wiz.io/blog/shai-hulu…


Daniel reposted

‼️ Meet Ryan Clifford Goldberg, a Digital Forensics and Incident Response manager at Sygnia, he is one of three insiders accused of cybercrimes. He allegedly conducted cyberattacks using ALPHV BlackCat ransomware. Goldberg and two other insiders ran ransomware operations since…


Daniel reposted

Thousands of online drivers joined Affan Kurniawan’s final farewell.

From AGT

Daniel reposted

My CISO wants me to force my employees to get a security certification so I'm getting them all TLS certificates from letsencrypt Checked the checkbox, boss


Daniel reposted

🚨 The Fake Ledger That Stole Everything (1/8) James* thought he was safe. He used a Ledger hardware wallet, kept his 24 words private, and followed every crypto security tip out there. Then one day… a package arrived. 🧵👇


Daniel reposted

🚨 Breaking: Coinbase reveals insider threat incident where overseas support agents were bribed to exfiltrate customer data. Company refusing $20M extortion demand, instead offering same amount as bounty for threat actor identification.


Daniel reposted

I’ve been a vocal critic of AI developments – in 2023 I still dismissed a lot of the hype. Last year, I stayed mostly silent. Not because I agreed, but because I started seeing signs that impressed me. This year, after what we’ve built and tested internally across several areas,…


Daniel reposted

It’s Monday, and you know what that means? A fresh new week of chaos in IR. Here are some real red flags I’ve come across in AWS environments while investigating security events — the kind that make my brain twitch 🧠⚡👇


Daniel reposted

We’re seeing a clear trend: attackers are bypassing the endpoint entirely. Not just avoiding traditional EDR-monitored systems by pivoting to embedded and edge devices, but now also operating purely in the cloud. No shell, no malware, no persistence on the endpoint. Just an OAuth…

.@Volexity #threatintel: Multiple Russian threat actors are using Signal, WhatsApp & a compromised Ukrainian gov email address to impersonate EU officials. These phishing attacks abuse 1st-party Microsoft Entra apps + OAuth to compromise targets. volexity.com/blog/2025/04/2… #dfir



Daniel reposted

Nothing new in the article tbh. Just him straight up admitting everything and the "trolley problem". But still worth a peek if you wanna see the full drama unfold bloomberg.com/news/features/…


Daniel reposted

#IngressNightmare: Wiz Research uncovers a critical vulnerability in Ingress-NGINX 🚨 Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.


Daniel reposted

It's not just technical skills on the job; there are also soft skills that are important for a manager to have in order to succeed. In your opinion, what is a requirement for succeeding as a manager that not many people know about?


Daniel reposted

I updated my guide and added @herrcore's video tutorial github.com/Neo23x0/YARA-P…


The best practice is: when you see these 3 steps being instructed: 1. Windows + R 2. Ctrl + V 3. Enter Just do NOT! Close it immediately, whatever the narrative is. I have not seen anything good come out of it. My condolences to the guy. Hopefully he can get the money together again quickly.

During the verify process, you will be told that the verify process failed and be directed to a manual method.



Daniel reposted

Trump pardons Ross Ulbricht after eleven years in prison. An incredible twist in the never-ending Silk Road saga. wired.com/story/trump-fr…


Daniel reposted

We got Donald Trump selling HotDogs in Chongqing before GTA 6


Daniel reposted

Still remember this tweet? A few weeks ago I dug into the code that triggered Microsoft Defender in @hynzoime_'s VM, and this is what infosec media called an InfoStealer. I go through the technical details of what is inside this code. No ads, of course 🧵

I had the same experience as the exploitation case that happened at @indodax & @WilliamSutant0; allow me to speak up so that many people, or even Software Engineers, can avoid scams in this web3 world. The difference is that I was skeptical and tried running it in a virtual machine.



Daniel reposted

Since 2021, crypto sleuth @zachxbt has helped recover nearly half a billion $ for scam/theft victims. Last month he cracked a $243m heist, the biggest ever to target a single person. He's never revealed his name or face, but spoke to me for this profile: wired.com/story/meet-zac…


Daniel reposted

„installing Wazuh agents on victims‘ devices“ … I love it 🖤 because the question is: why use a C2 and risk detection when legitimate tools offer 90% of the functionality and usually fly under the radar of AVs/EDRs?

New @kaspersky report: Cybercriminals are spreading #malware via fake websites with popular software like uTorrent, Microsoft Office, & Minecraft, and through #Telegram channels and #YouTube, installing Wazuh SIEM agents on victims’ devices. Full report: kas.pr/9icb


