Jeremy Kirk
Okta Threat Intelligence. Personal account. Interests: Cybercrime, cyber threat intelligence, OSINT, data breaches. Formerly intel analysis @ Intel 471.
- An AI security and governance company, Knostic, has written some scripts to detect OpenClaw and also monitor what it's up to. Via the SANS blog: isc.sans.edu/diary/rss/32...
- Two Microsoft researchers developed ways to detect backdoored LLMs, but the methods require access to model files (open weight) and can't be run on proprietary models accessible only by API. #infosec www.microsoft.com/en-us/securi...
- The CIA announced it will no longer maintain the CIA World Factbook. Fun fact about the factbook: CIA officers contributed personal travel photos for it, which under U.S. law are copyright free: www.cia.gov/stories/stor...
- AI "butler" OpenClaw and an agentic AI social network, Moltbook, are here. What are the identity lessons that can be drawn from AI agents running amok? Okta's view here: www.okta.com/newsroom/art...
- A study of Moltbook (current as of Jan. 31) found that 2.6% of posts were some form of prompt injection and 19.3% contained cryptocurrency-related content. Study by Simula & SimulaMet: zenodo.org/records/1844...
- This AU$36 DC isolator for solar panels failed and just about burnt our house down today. It was just over two years old. DC isolators are not recommended in #Australia due to fire risks. If you have them, replace them with disconnection points.
- The Germans have added Russian man Oleg Nefedov to their Most Wanted list. Nefedov is alleged to be the leader of the Black Basta ransomware group and went by monikers including tramp, kurva, gg and Washingt0n. #infosec www.bka.de/DE/IhreSiche...
- Malicious hackers often get caught. But here's the story of a Russian man involved in cybercrime from the Angler exploit kit through today who slipped away. Audio preview of @intel471.bsky.social's Cybercrime Exposed podcast👇. Episode on Spotify and Apple. #infosec www.intel471.com/resources/po...
- The age verification industry is booming with the new regulations in the U.K. and Australia. In the UK, the @openrightsgroup.org is calling for stronger security standards since online platforms may opt for the cheapest, less vigilant vendors, www.openrightsgroup.org/press-releas... #infosec
- Hats off to @404media.co for creating a public library beat. I worked at two public libraries in the past, and access to information has never been more fraught and delicate than now. 👏 This latest one about AV collections from @clurrese.bsky.social is a great read: www.404media.co/the-last-vid...
- Anthropic's AI cyberespionage report feels as odd as the last one. Just 13 pages, it has none of the traditional components of a usual threat intel report (IoCs, payload hashes, etc.) and it seems to bury the lead re: technical sophistication. I wonder if a target will come forward. #infosec
- Lost iPhones can display a phone number or email of the owner, and thieves are now leveraging that to phish Apple ID credentials from the hapless owner and remove the Activation Lock. #infosec www.ncsc.admin.ch/ncsc/en/home...
- Famed Russian spy hunter Christo Grozev claimed on this podcast four months ago that North Korea hacked the Democratic National Committee in 2016 and passed the info to Russia, which in exchange divulged access to Bangladesh Bank. 🤔 #infosec Passage at 13m 31s: www.youtube.com/watch?v=dimh...
- Accused ALPHV/BlackCat ransomware affiliate Ryan Goldberg made US$214,000 a year working in incident response for Sygnia but told the FBI he was in debt as the reason for getting involved in ransomware, according to court documents. He initially denied involvement in the attacks. #infosec
- Winnie wanted to lay on the keyboard so I guess this is the second-best position. 😀
- @daveaitel.bsky.social One question that popped into my head re: AIs finding bugs is what happens when adversaries start using them to find bugs and develop exploits at scale. Is it going to be mayhem?
- Three U.S. nationals who worked in incident response and ransomware negotiations allegedly became ALPHV/Black Cat affiliates and conducted at least five attacks over two years. #infosec cyberscoop.com/incident-res...
- Terrific discussion with OpenAI's @daveaitel.bsky.social on @ryanaraine.bsky.social's Three Buddy Problem podcast about Aardvark, which is OpenAI's new agentic bug-hunting tool. It's a must listen if you're in security. #infosec www.youtube.com/watch?v=EwMJ...
- Here's an analysis from @intel471.bsky.social of the delicate dynamics in play regarding a secret U.S. FBI task force called Group 78 that European law enforcement officials say used covert tactics to disrupt the Black Basta ransomware group. #infosec www.intel471.com/blog/the-fbi...
- A Romanian prisoner hacked a prison management platform, changing permissions to allow inmates to view porn and padding their commissary accounts by increasing their balances. Great story by @campuscodi.risky.biz in Risky Business News. #infosec news.risky.biz/risky-bullet...
- Bruce Schneier on how security may be impossible for web-enabled LLMs: "We built a system that trusts everything, and now we hope for a semantic firewall to keep it safe. The adversary isn’t inside the loop by accident; it’s there by architecture." #infosec www.schneier.com/blog/archive...
- Le Monde reports on a secret FBI unit called Group 78 tasked with using covert tactics to disrupt Russian ransomware groups. The Europeans were not happy about it. #infosec
- Very interesting research into a very serious Microsoft Entra bug (CVE-2025-55241). dirkjanm.io/obtaining-gl...
- The Register reports Microsoft has cut off Chinese vendors from its MAPP program, which gives advanced warning of pending patches so vendors can prepare. #infosec www.theregister.com/2025/08/21/m...
- A new episode of @intel471.bsky.social's Cybercrime Exposed podcast is out! DukeEugene is a Russian Android malware dev who has a big problem, and he puts everything on the line to solve it. Link to pod here: www.intel471.com/resources/po...
- Trail of Bits has open-sourced its Buttercup Cyber Reasoning System, an AI tool that can find vulnerabilities in open source repositories and then patch them using a multi-agent AI patcher. #infosec Project here: github.com/trailofbits/...
- Ornery Apple decided to comply with right-to-repair laws by making spare parts available but for massive, makes-no-sense prices. A $20 charge port is being sold for $250. Outrageous. By @404media.co. www.404media.co/apple-is-sel...
- Well, if this is accurate so be it - fair, scoped play. At least US spies didn't try to exploit every vulnerable one it found on the internet, like (ahem). #infosec www.theregister.com/2025/08/01/c...
- Some 110,000 ChatGPT conversations that were (inadvertently?) allowed by users to become discoverable via search engines were picked up in the Wayback Machine. www.digitaldigging.org/p/chatgpt-co... #infosec
- Reposted by Jeremy Kirk: Holy shit, they did it. They wrote the headline.
- @campuscodi.risky.biz Coming off the SharePoint flaw mess, I found this line in the Risky Bulletin hilarious 🤣.
- Microsoft has introduced linkable token identifiers, which allow for greater precision when tracking the use of compromised credentials by differentiating between valid and malicious sessions. #infosec techcommunity.microsoft.com/blog/microso...
- Jacob Larsen is an #infosec pro who was involuntarily pulled into the dark world of doxing. I spoke with him about doxing's effects, how sites like Doxbin use legal loopholes and how to defend against being doxed. Latest Studio 471 podcast from @intel471.bsky.social www.youtube.com/watch?v=y5AO...
- The administrator of the XSS cybercrime forum has been arrested in Kyiv. #infosec www.europol.europa.eu/media-press/...
- The infamous XSS cybercrime forum appears to have been seized. #infosec
- R.I.P Ozzy.