#ukrainecyber — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ukrainecyber, aggregated by home.social.
-
Looking for early reviewers on chapters 2 + 3 of my BSc thesis (Pterodo network architecture + WinRAR exploit chain).
Project notes live at github.com/palianytsia-200/U-OB-KY. Draft PDFs available — DM here on Mastodon or email [email protected]. Happy to trade reviews (your DFIR / detection-engineering writeup for mine).
Especially looking for anyone with hands-on Gamaredon incident-response experience. The thesis is methodology-heavy but I want feedback from people who've actually had to triage this stuff in a real SOC.
-
The CANFAIL campaign demonstrates structured, LLM-assisted phishing operations attributed to a suspected Russian-linked actor.
Per Google Threat Intelligence Group:
• Sectoral targeting: defense, military, energy, aerospace
• Regionally tailored email list generation
• Google Drive-hosted RAR payload delivery
• Double-extension obfuscation (*.pdf.js)
• JavaScript loader → PowerShell execution
• Memory-only dropper
• Fake error decoy
• Links to PhantomCaptcha activity (via SentinelOne)
LLMs were used for reconnaissance, lure generation, and post-compromise operational guidance.
This signals operational AI integration into state-aligned cyber campaigns.
Are detection models prepared for LLM-generated phishing artifacts?
Engage below.
Follow TechNadu for deep technical analysis.
#ThreatIntel #CANFAIL #APTActivity #PhishingDetection #LLMThreats #PowerShellAbuse #UkraineCyber #C2Infrastructure #SOC #BlueTeam #CyberOperations #MalwareAnalysis #Infosec
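A defender's worked example, added here and not part of the post or of the GTIG report: a small triage routine that scores mail-gateway records for the delivery pattern the post lists (archive hosted on Google Drive, member file with a document extension masking a script extension such as .pdf.js). The key=value log format, the extension sets and the sample records are all constructed assumptions for this example.

```python
from urllib.parse import urlparse

# Extension sets are an assumption for this example, not taken from the GTIG report.
DOC_EXT = {"pdf", "doc", "docx", "xls", "xlsx", "rtf", "txt"}
SCRIPT_EXT = {"js", "jse", "vbs", "vbe", "wsf", "hta", "ps1", "lnk"}
ARCHIVE_EXT = {"rar", "zip", "7z"}
DRIVE_HOSTS = {"drive.google.com", "docs.google.com"}

def double_extension_lure(filename):
    """True for names like Tender.pdf.js: a document extension hiding a script extension."""
    parts = filename.lower().rsplit(".", 2)
    return len(parts) == 3 and parts[1] in DOC_EXT and parts[2] in SCRIPT_EXT

def is_drive_url(url):
    """True when the delivery link points at Google Drive / Docs hosting."""
    try:
        return urlparse(url).hostname in DRIVE_HOSTS
    except ValueError:
        return False

def parse_line(line):
    """Parse 'k=v;k=v' gateway records (constructed format for this example)."""
    fields = {}
    for kv in line.strip().split(";"):
        if "=" in kv:
            key, value = kv.split("=", 1)
            fields[key] = value
    return fields

def triage(lines):
    """Return (msgid, reasons, score) for records that match the CANFAIL delivery chain."""
    alerts = []
    for rec in map(parse_line, lines):
        score, reasons = 0, []
        if rec.get("archive", "").rsplit(".", 1)[-1].lower() in ARCHIVE_EXT:
            score += 1; reasons.append("archive attachment/link")
        if is_drive_url(rec.get("url", "")):
            score += 1; reasons.append("Google Drive hosted")
        lures = [m for m in rec.get("members", "").split(",") if double_extension_lure(m)]
        if lures:  # the strongest signal: a script masquerading as a document inside the archive
            score += 3; reasons.append("double-extension script: " + ",".join(lures))
        if score >= 3:
            alerts.append((rec.get("msgid"), "; ".join(reasons), score))
    return alerts

SAMPLE_LOG = [  # constructed sample records, not real telemetry
    "msgid=m1;url=https://drive.google.com/file/d/ABC/view;archive=Tender_docs.rar;members=Tender_2025.pdf.js,readme.txt",
    "msgid=m2;url=https://intranet.example/report.pdf;archive=;members=",
    "msgid=m3;url=https://drive.google.com/file/d/DEF/view;archive=photos.zip;members=IMG_01.jpg,IMG_02.jpg",
]

if __name__ == "__main__":
    for alert in triage(SAMPLE_LOG):
        print(alert)
```

Only m1 is raised: a Drive-hosted archive of innocuous files (m3) scores below the threshold, so the double-extension member, not the hosting alone, drives the alert.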
-
📬 Ukraine warns of cyber attacks on the Telegram messenger
#Hacking #Armageddon #Gamaredon #Phishing #Telegram #Ukraine #UkraineCyberPolice https://tarnkappe.info/artikel/hacking/ukraine-warnt-vor-cyber-angriffen-auf-den-telegram-messenger-219440.html
-
📬 Bulletproof Exchangers: Ukrainian cyber police arrest cyber gang 📬 https://tarnkappe.info/bulletproof-exchangers-ukrainische-cyberpolice-verhaftet-cyber-gang/ #BulletproofExchangers #UkraineCyberPolice #Krypto-Geldwäsche #DarkCommerce #Binance #Bitcoin #Poltawa #TRMLabs #Krypto