  • Drone and UAV Forensic

    Uncategorized drone uav opensource dfir threatintellige
    1
    0 Votes
    1 Posts
    3 Views
    adulau@infosec.exchange
    Drone and UAV Forensic
    This repository is designed to accelerate the forensic analysis of DIY FPV drones and to help automate technical reporting from seized or recovered artifacts.
    The goal is pragmatic: extract useful evidence faster, normalize outputs, and produce data that can be reused in reports or shared into investigative platforms such as MISP.
    https://github.com/CIRCL/Drone-Forensic
    #drone #uav #opensource #dfir #threatintelligence #threatintel #misp #digitalforensics @circl @misp
  • 0 Votes
    1 Posts
    3 Views
    bsidesluxembourg@infosec.exchange
    Now Announcing: A New Cybersecurity Session at BSides Luxembourg
    COMPREHENSIVE FRAMEWORK FOR ANALYZING AND DETECTING MALICIOUS BROWSER EXTENSIONS – Van Nguyen
    Take a closer look at one of the web’s most overlooked threats in this 30-minute lightning talk session featured within the Actionable CTI and Detection Engineering Village. This session dives into the growing risk of malicious browser extensions and how they silently impact millions of users through tracking, redirects, ad injection, data theft, and other unwanted actions.
    Built on a curated dataset of 460 malicious extensions removed from the Chrome Web Store, this talk presents a practical detection framework combining static and dynamic analysis techniques, including CodeQL and Python-based workflows. A valuable session for analysts, threat hunters, and defenders looking to better understand browser-based threats.
    Van Nguyen is a Security Analyst with a strong background in Software Engineering, Machine Learning, and IT Security, currently focusing on modern threat analysis and detection methodologies.
    Conference Dates: 6–8 May 2026 | 09:00–18:00
    14, Porte de France, Esch-sur-Alzette, Luxembourg
    Tickets: https://2026.bsides.lu/tickets/
    Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026
    #BSidesLuxembourg2026 #ThreatIntelligence #DetectionEngineering #BrowserSecurity #CyberSecurity #Infosec
  • 0 Votes
    1 Posts
    0 Views
    bsidesluxembourg@infosec.exchange
    Another Power-Packed KEYNOTE Joins BSides Luxembourg 2026!
    KILLING KILLNET – Alex Holden
    Step inside a gripping 40-minute keynote that uncovers the real story behind one of the most visible hacktivist groups. What appeared to be a decentralized force was, in reality, a tightly controlled operation—until a small team exposed its weak points and brought it down.
    From uncovering financial ties to dark web markets to dismantling internal trust within the group, this session reveals how targeted investigation, OSINT, and strategic pressure can collapse even high-profile adversaries. A powerful case study in modern cyber disruption and how small teams can take on global threats.
    Alex Holden is the founder and CISO of Hold Security, LLC, and a leading expert in threat intelligence. His work focuses on understanding cybercriminal operations and helping organizations build stronger defenses against real-world attacks.
    Conference Dates: 6–8 May 2026 | 09:00–18:00
    14, Porte de France, Esch-sur-Alzette, Luxembourg
    Tickets: https://2026.bsides.lu/tickets/
    Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026
    #BSidesLuxembourg2026 #Keynote #ThreatIntelligence #OSINT #CyberSecurity #Infosec
  • 0 Votes
    1 Posts
    1 Views
    cti_fyi@infosec.exchange
    New ransom group blog posts!
    Group name: dragonforce
    Post title: delonhampton.com
    Info: https://cti.fyi/groups/dragonforce.html
    Group name: dragonforce
    Post title: ibswebsite.com
    Info: https://cti.fyi/groups/dragonforce.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    1 Views
    hackerworkspace@infosec.exchange
    NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
    https://thehackernews.com/2026/04/nasa-employees-duped-in-chinese.html
    Read on HackerWorkspace: https://hackerworkspace.com/article/nasa-employees-duped-in-chinese-phishing-scheme-targeting-u-s-defense-software
    #cybersecurity #compliance #threatintelligence
  • 0 Votes
    1 Posts
    1 Views
    hackerworkspace@infosec.exchange
    DARPA seeks deep-sea drones for autonomous warfare push
    https://www.theregister.com/2026/04/24/pentagons_deep_sea_drones/
    Read on HackerWorkspace: https://hackerworkspace.com/article/darpa-seeks-deep-sea-drones-for-autonomous-warfare-push
    #cybersecurity #threatintelligence #aisecurity
  • 0 Votes
    1 Posts
    1 Views
    hackerworkspace@infosec.exchange
    How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite | Google Cloud Blog
    https://cloud.google.com/blog/topics/threat-intelligence/unc6692-social-engineering-custom-malware
    Read on HackerWorkspace: https://hackerworkspace.com/article/how-unc6692-employed-social-engineering-to-deploy-a-custom-malware-suite-google-cloud-blog
    #malware #databreach #threatintelligence
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: qilin
    Post title: Chase Cooper Limited (RiskLogix Solutions)
    Info: https://cti.fyi/groups/qilin.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    T
    Your security tools might have missed this one. RustyStealer is actively targeting networks right now — here's what you need to know before it hits yours.
    Full analysis: https://threatchain.io/rustystealer-sample-detected-setup-exe-4c351350
    #cybersecurity #threatintelligence #infosec #SIEM
  • 0 Votes
    1 Posts
    6 Views
    adulau@infosec.exchange
    Some updates on the MISP Galaxy website:
    https://www.misp-galaxy.org/mitre-fraud-framework/#
    It now includes a matrix-like view of the galaxy for @misp
    #misp #cti #threatintel #threatintelligence
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog post!
    Group name: ransomhouse
    Post title: Star Energy Geothermal Salak
    Info: https://cti.fyi/groups/ransomhouse.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    T
    Your security tools might have missed this one. SnappyClient is actively targeting networks right now — here's what you need to know before it hits yours.
    Full analysis: https://threatchain.io/snappyclient-sample-detected-yrjkhywk-msi-562d8f83
    #cybersecurity #threatintelligence #infosec #SIEM
  • 0 Votes
    1 Posts
    1 Views
    hackerworkspace@infosec.exchange
    Malicious TikTok Downloader Extensions Quietly Compromised 130K Users
    https://www.techrepublic.com/article/news-malicious-tiktok-downloader-extensions/
    Read on HackerWorkspace: https://hackerworkspace.com/article/malicious-tiktok-downloader-extensions-quietly-compromised-130k-users
    #malware #databreach #threatintelligence
  • The best time to block api

    Uncategorized threatintel threatintellige ifin
    3
    0 Votes
    3 Posts
    0 Views
    ifin@infosec.exchange
    @julie New-ish. We had a report of some ClickFix activity that used it, and was related to a recent Elastic report.
    https://discourse.ifin.network/t/phantompulse-rat-macos-using-clickfix/302
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog posts!
    Group name: worldleaks
    Post title: Equatorial Coca-Cola Bottling
    Info: https://cti.fyi/groups/worldleaks.html
    Group name: shinyhunters
    Post title: 7-Eleven, Inc. (7-eleven.com)
    Info: https://cti.fyi/groups/shinyhunters.html
    Group name: shinyhunters
    Post title: Pitney Bowes Inc. (pb.com)
    Info: https://cti.fyi/groups/shinyhunters.html
    Group name: shinyhunters
    Post title: The Canada Life Assurance Company (canadalife.com)
    Info: https://cti.fyi/groups/shinyhunters.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    bsidesluxembourg@infosec.exchange
    Another Power-Packed Session Joins BSides Luxembourg 2026!
    WHY I GO TO THE DARK WEB EVERY DAY – Alex Holden
    Talk (40 minutes)
    Venture into a 40-minute talk that takes you beyond the traditional security perimeter and straight into the Dark Web, where cybercriminals plan, collaborate, and operate. This session reveals how understanding attacker behavior, language, and ecosystems can transform the way defenders anticipate and prevent threats before they materialize.
    Through real-world experiences and practical examples, you’ll explore different threat actor profiles, their motivations, and how they operate in hidden environments. The talk emphasizes defensive intelligence—learning how to safely navigate, observe, and extract insights from the Dark Web to strengthen proactive security strategies.
    Alex Holden is the founder and CISO of Hold Security, LLC, widely recognized for his work in threat intelligence and cybercrime research. He specializes in studying cybercriminal behavior and using those insights to help organizations build stronger defenses against evolving threats.
    Conference Dates: 6–8 May 2026 | 09:00–18:00
    Tickets: https://2026.bsides.lu/tickets/
    Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/
    Want to navigate the event easily? Check out the full schedule on Hacker Tracker: https://hackertracker.app/schedule?conf=BSIDESLUX2026
    #BSidesLuxembourg2026 #CyberSecurity #DarkWeb #ThreatIntelligence #OSINT #BlueTeam
  • 0 Votes
    1 Posts
    2 Views
    bsidesluxembourg@infosec.exchange
    Speaker Spotlight: New Talk at BSides Luxembourg 2026
    PANEL DISCUSSION: THE FUTURE OF DETECTION ENGINEERING – Diana Waithanji, Ondrej Nekovar, Remi Seguy, Andrii B.
    Join a dynamic 40-minute panel bringing together leading voices in detection engineering to explore where the field is heading next. Building on insights from the village sessions, this discussion dives into evolving tools, methodologies, and the growing role of AI, pipelines, and collaborative detection strategies.
    From open-source innovation to multi-SOC collaboration and CTI-driven approaches, this session offers a forward-looking conversation on how detection engineering will adapt to increasing complexity and scale. Expect practical insights, diverse perspectives, and audience-driven discussion on the future of cyber defense.
    Diana Waithanji, CISSP is a cybersecurity professional at SAP Cloud Infrastructure and an advocate for data privacy as a human right. She is joined by Ondrej Nekovar, an expert in cyber defense and detection engineering; Remi Seguy, lead of the OpenTide initiative; Andrii B., founder of SOC Prime and creator of innovative detection engineering tools.
    Conference Dates: 6–8 May 2026 | 09:00–18:00
    14, Porte de France, Esch-sur-Alzette, Luxembourg
    Tickets: https://2026.bsides.lu/tickets/
    Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026
    #BSidesLuxembourg2026 #DetectionEngineering #ThreatIntelligence #SOC #CyberSecurity #Infosec
  • 0 Votes
    1 Posts
    1 Views
    T
    Your security tools might have missed this one. Gafgyt is actively targeting networks right now — here's what you need to know before it hits yours.
    Full analysis: https://threatchain.io/gafgyt-sample-detected-sh4-df0f35be
    #cybersecurity #threatintelligence #infosec #SIEM
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog posts!
    Group name: AiLock
    Post title: PremCom
    Info: https://cti.fyi/groups/AiLock.html
    Group name: pear
    Post title: Kinsmen TeleMiracle
    Info: https://cti.fyi/groups/pear.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec
  • 0 Votes
    1 Posts
    0 Views
    cti_fyi@infosec.exchange
    New ransom group blog posts!
    Group name: qilin
    Post title: Sea Air International Forwarders
    Info: https://cti.fyi/groups/qilin.html
    Group name: qilin
    Post title: Kolin Turkey
    Info: https://cti.fyi/groups/qilin.html
    Group name: securotrop
    Post title: Synergy Engineering
    Info: https://cti.fyi/groups/securotrop.html
    #ransomware #cti #threatintelligence #cybersecurity #infosec