Christoffer S.
@cstromblad.com
Father, husband, Swedish and cyber. Oh man, all the things cyber but mostly threat Intelligence. Dabble with Python. In the cyber field as a professional since 2001 […]
🌉 bridged from ⁂ https://swecyb.com/@nopatience, follow @ap.brid.gy to interact
🌉 bridged from ⁂ https://swecyb.com/@nopatience, follow @ap.brid.gy to interact
Reposted by Christoffer S.
New, from me: The Cloudflare Outage May Be a Security Roadmap
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform […]
[Original post on infosec.exchange]
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform […]
[Original post on infosec.exchange]
November 19, 2025 at 5:04 PM
New, from me: The Cloudflare Outage May Be a Security Roadmap
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform […]
[Original post on infosec.exchange]
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform […]
[Original post on infosec.exchange]
"Evidence" of collaboration between Russian and North Korean APTs.
https://www.gendigital.com/blog/insights/research/apt-cyber-alliances-2025
#threatintel #cybersecurity
https://www.gendigital.com/blog/insights/research/apt-cyber-alliances-2025
#threatintel #cybersecurity
Alliances of convenience: How APTs are beginning to work together
Gen Threat Labs uncover evidence of rare cross-country coordination between Russia’s Gamaredon and North Korea’s Lazarus
www.gendigital.com
November 19, 2025 at 11:11 PM
"Evidence" of collaboration between Russian and North Korean APTs.
https://www.gendigital.com/blog/insights/research/apt-cyber-alliances-2025
#threatintel #cybersecurity
https://www.gendigital.com/blog/insights/research/apt-cyber-alliances-2025
#threatintel #cybersecurity
A few stories you might have missed:
https://www.greynoise.io/blog/fortiweb-cve-2025-64446
Expected exploitation of Fortinet ../ vulnerabilities. Exploitation seen from November 17. Always the useful data from GreyNoise […]
https://www.greynoise.io/blog/fortiweb-cve-2025-64446
Expected exploitation of Fortinet ../ vulnerabilities. Exploitation seen from November 17. Always the useful data from GreyNoise […]
Original post on swecyb.com
swecyb.com
November 19, 2025 at 8:42 PM
A few stories you might have missed:
https://www.greynoise.io/blog/fortiweb-cve-2025-64446
Expected exploitation of Fortinet ../ vulnerabilities. Exploitation seen from November 17. Always the useful data from GreyNoise […]
https://www.greynoise.io/blog/fortiweb-cve-2025-64446
Expected exploitation of Fortinet ../ vulnerabilities. Exploitation seen from November 17. Always the useful data from GreyNoise […]
(sqrx.com) Critical MCP API Vulnerability in Comet AI Browser Enables Arbitrary Command Execution
https://labs.sqrx.com/comet-mcp-api-allows-ai-browsers-to-execute-local-commands-dec185fb524b
> SquareX has discovered a critical security vulnerability in Comet […]
[Original post on swecyb.com]
https://labs.sqrx.com/comet-mcp-api-allows-ai-browsers-to-execute-local-commands-dec185fb524b
> SquareX has discovered a critical security vulnerability in Comet […]
[Original post on swecyb.com]
November 19, 2025 at 3:02 PM
(sqrx.com) Critical MCP API Vulnerability in Comet AI Browser Enables Arbitrary Command Execution
https://labs.sqrx.com/comet-mcp-api-allows-ai-browsers-to-execute-local-commands-dec185fb524b
> SquareX has discovered a critical security vulnerability in Comet […]
[Original post on swecyb.com]
https://labs.sqrx.com/comet-mcp-api-allows-ai-browsers-to-execute-local-commands-dec185fb524b
> SquareX has discovered a critical security vulnerability in Comet […]
[Original post on swecyb.com]
I'm not sure what's going on but @ESETresearch @ESET is really putting out some really good research these days.
Almost every other story they publish is quite awesome and even novel.
This article is no different.
I especially "like" the documented approach of redirect DNS requests for […]
Almost every other story they publish is quite awesome and even novel.
This article is no different.
I especially "like" the documented approach of redirect DNS requests for […]
Original post on swecyb.com
swecyb.com
November 19, 2025 at 12:27 PM
I'm not sure what's going on but @ESETresearch @ESET is really putting out some really good research these days.
Almost every other story they publish is quite awesome and even novel.
This article is no different.
I especially "like" the documented approach of redirect DNS requests for […]
Almost every other story they publish is quite awesome and even novel.
This article is no different.
I especially "like" the documented approach of redirect DNS requests for […]
I'm mostly surprised by the fact that the Cloudflare outage was not caused by badly propagated DNS resource records.
This is something new, and I'm not sure how I feel about it all.
It's as if a future Fortinet vulnerability wouldn't be caused by ../
@cR0w
This is something new, and I'm not sure how I feel about it all.
It's as if a future Fortinet vulnerability wouldn't be caused by ../
@cR0w
November 19, 2025 at 7:51 AM
I'm mostly surprised by the fact that the Cloudflare outage was not caused by badly propagated DNS resource records.
This is something new, and I'm not sure how I feel about it all.
It's as if a future Fortinet vulnerability wouldn't be caused by ../
@cR0w
This is something new, and I'm not sure how I feel about it all.
It's as if a future Fortinet vulnerability wouldn't be caused by ../
@cR0w
I really LOVE having access to a private "library" of articles and reports that have been tagged, and otherwise "enriched".
Looking for "threat" articles discussing or mentioning TightVNC, check.
Looking for articles mentioning various types of "Initial Access" methods, even if not […]
Looking for "threat" articles discussing or mentioning TightVNC, check.
Looking for articles mentioning various types of "Initial Access" methods, even if not […]
Original post on swecyb.com
swecyb.com
November 18, 2025 at 6:37 PM
I really LOVE having access to a private "library" of articles and reports that have been tagged, and otherwise "enriched".
Looking for "threat" articles discussing or mentioning TightVNC, check.
Looking for articles mentioning various types of "Initial Access" methods, even if not […]
Looking for "threat" articles discussing or mentioning TightVNC, check.
Looking for articles mentioning various types of "Initial Access" methods, even if not […]
Reposted by Christoffer S.
Chatting with a friend about Cloudflare's intermittent outages today, they brought up an interesting point: How many organizations have started relying on Cloudflare to do basic security blocking and tackling stuff, like stopping SQL injection attacks at the edge? Maybe your devs were lazy at […]
Original post on infosec.exchange
infosec.exchange
November 18, 2025 at 4:52 PM
Chatting with a friend about Cloudflare's intermittent outages today, they brought up an interesting point: How many organizations have started relying on Cloudflare to do basic security blocking and tackling stuff, like stopping SQL injection attacks at the edge? Maybe your devs were lazy at […]
Please be mindful that there's a significant amount of promotional language in this one, but there are some nuggets in there.
(crowdstrike.com) BLOCKADE SPIDER Employs Cross-Domain Techniques in Embargo Ransomware Campaigns
BLOCKADE SPIDER, a financially motivated eCrime adversary active since […]
(crowdstrike.com) BLOCKADE SPIDER Employs Cross-Domain Techniques in Embargo Ransomware Campaigns
BLOCKADE SPIDER, a financially motivated eCrime adversary active since […]
Original post on swecyb.com
swecyb.com
November 18, 2025 at 2:44 PM
Please be mindful that there's a significant amount of promotional language in this one, but there are some nuggets in there.
(crowdstrike.com) BLOCKADE SPIDER Employs Cross-Domain Techniques in Embargo Ransomware Campaigns
BLOCKADE SPIDER, a financially motivated eCrime adversary active since […]
(crowdstrike.com) BLOCKADE SPIDER Employs Cross-Domain Techniques in Embargo Ransomware Campaigns
BLOCKADE SPIDER, a financially motivated eCrime adversary active since […]
Reposted by Christoffer S.
Down, indeed!
November 18, 2025 at 2:40 PM
Down, indeed!
Comparisons have been made between the Internet infrastructure that was built back in late 90s and early 2000 as comparable to the AI investments now.
I think that's a dumb comparison. The "internet" infrastructure built back then was fundamentally different from what's being built today.
But […]
I think that's a dumb comparison. The "internet" infrastructure built back then was fundamentally different from what's being built today.
But […]
Original post on swecyb.com
swecyb.com
November 18, 2025 at 12:56 PM
Comparisons have been made between the Internet infrastructure that was built back in late 90s and early 2000 as comparable to the AI investments now.
I think that's a dumb comparison. The "internet" infrastructure built back then was fundamentally different from what's being built today.
But […]
I think that's a dumb comparison. The "internet" infrastructure built back then was fundamentally different from what's being built today.
But […]
Is there another Cloudflare snafu or something going on right now?!
November 18, 2025 at 11:39 AM
Is there another Cloudflare snafu or something going on right now?!
Reposted by Christoffer S.
We’re still an absolute skeleton crew of 14 people, competing with teams sometimes 100x as large as ours. To get to our humble team size was only possible through the less than 1% community members who donate to Mastodon, a handful larger donations, & EU grants, all of which we are forever […]
Original post on mastodon.social
mastodon.social
November 18, 2025 at 8:06 AM
We’re still an absolute skeleton crew of 14 people, competing with teams sometimes 100x as large as ours. To get to our humble team size was only possible through the less than 1% community members who donate to Mastodon, a handful larger donations, & EU grants, all of which we are forever […]
Reposted by Christoffer S.
Today I am stepping down from my role as the CEO of #mastodon. Though this has been in the works for a while, I can't say I've fully processed how I feel about it. There is a bittersweet part to it, and I think I will miss it, but it also felt necessary. It feels like a goodbye, but it isn't—I […]
Original post on mastodon.social
mastodon.social
November 18, 2025 at 8:46 AM
Today I am stepping down from my role as the CEO of #mastodon. Though this has been in the works for a while, I can't say I've fully processed how I feel about it. There is a bittersweet part to it, and I think I will miss it, but it also felt necessary. It feels like a goodbye, but it isn't—I […]
Just found this: https://authoritarian-stack.info/
I was somewhat oblivious how deep this hole was...
I was somewhat oblivious how deep this hole was...
The Authoritarian Stack
How Tech Billionaires Are Building a Post-Democratic America — And Why Europe Is Next
authoritarian-stack.info
November 18, 2025 at 8:53 AM
Just found this: https://authoritarian-stack.info/
I was somewhat oblivious how deep this hole was...
I was somewhat oblivious how deep this hole was...
Reposted by Christoffer S.
Hey everyone, we have some pretty big news to share. You might remember that we announced a big restructuring for the Mastodon team earlier this year. Today marks an important milestone in this transition.
#mastodon #fediverse #socialweb
#mastodon #fediverse #socialweb
November 18, 2025 at 8:05 AM
Hey everyone, we have some pretty big news to share. You might remember that we announced a big restructuring for the Mastodon team earlier this year. Today marks an important milestone in this transition.
#mastodon #fediverse #socialweb
#mastodon #fediverse #socialweb
Reposted by Christoffer S.
GenAI is a giant search engine, and it doesn’t do more for malware than a slightly shittier Google would. Malware has been using polymorphism since I didn’t have grey hair and drank less. Thanks for coming to my Ted talk.
November 17, 2025 at 9:11 AM
GenAI is a giant search engine, and it doesn’t do more for malware than a slightly shittier Google would. Malware has been using polymorphism since I didn’t have grey hair and drank less. Thanks for coming to my Ted talk.
Discovered the self-hosted todo app Tududi and I must say that first impression is... not bad, not bad at all.
It's clean, intuitive, has multi-user support and many other neat features.
I liked the idea of a simple capture without tying the "captured thing" as a task but just... here's a […]
It's clean, intuitive, has multi-user support and many other neat features.
I liked the idea of a simple capture without tying the "captured thing" as a task but just... here's a […]
Original post on swecyb.com
swecyb.com
November 16, 2025 at 3:12 PM
Discovered the self-hosted todo app Tududi and I must say that first impression is... not bad, not bad at all.
It's clean, intuitive, has multi-user support and many other neat features.
I liked the idea of a simple capture without tying the "captured thing" as a task but just... here's a […]
It's clean, intuitive, has multi-user support and many other neat features.
I liked the idea of a simple capture without tying the "captured thing" as a task but just... here's a […]
November 15, 2025 at 3:49 PM
There's one thing I'd love to see in #arcraiders gank-ratings. If someone uses the "Don't shoot" and next after that starts shooting should mark them as a ganker.
Or perhaps add some sort of scoring for people who shoot first. Like some sort of ration between people interacted with/people shot […]
Or perhaps add some sort of scoring for people who shoot first. Like some sort of ration between people interacted with/people shot […]
Original post on swecyb.com
swecyb.com
November 15, 2025 at 10:13 AM
There's one thing I'd love to see in #arcraiders gank-ratings. If someone uses the "Don't shoot" and next after that starts shooting should mark them as a ganker.
Or perhaps add some sort of scoring for people who shoot first. Like some sort of ration between people interacted with/people shot […]
Or perhaps add some sort of scoring for people who shoot first. Like some sort of ration between people interacted with/people shot […]
November 15, 2025 at 9:43 AM
Reposted by Christoffer S.
March 18, 2025 at 11:19 PM
Since the 1.2.0 update of ARCRaiders I've had multiple crashes in the "lobby". No crashes prior, but now it looks up almost frequently. Luckily not in game so far...
#arcraiders
#arcraiders
November 14, 2025 at 2:29 PM
Since the 1.2.0 update of ARCRaiders I've had multiple crashes in the "lobby". No crashes prior, but now it looks up almost frequently. Luckily not in game so far...
#arcraiders
#arcraiders
Reposted by Christoffer S.
Also, any team who makes THIS as their crowdfunding campaign launch video has my axe.
https://www.indiegogo.com/en/projects/bonfire/community?refcode=UScVLqSJJkKpZWg_Lnsg7w
https://www.indiegogo.com/en/projects/bonfire/community?refcode=UScVLqSJJkKpZWg_Lnsg7w
November 11, 2025 at 12:27 AM
Also, any team who makes THIS as their crowdfunding campaign launch video has my axe.
https://www.indiegogo.com/en/projects/bonfire/community?refcode=UScVLqSJJkKpZWg_Lnsg7w
https://www.indiegogo.com/en/projects/bonfire/community?refcode=UScVLqSJJkKpZWg_Lnsg7w
Anyone running @GrapheneOS, Android Auto?
Its no longer working for me in my Audi.
Stopped a while ago, since a recent update I'm assuming.
#androidauto #grapheneos
Its no longer working for me in my Audi.
Stopped a while ago, since a recent update I'm assuming.
#androidauto #grapheneos
November 11, 2025 at 4:55 PM
Anyone running @GrapheneOS, Android Auto?
Its no longer working for me in my Audi.
Stopped a while ago, since a recent update I'm assuming.
#androidauto #grapheneos
Its no longer working for me in my Audi.
Stopped a while ago, since a recent update I'm assuming.
#androidauto #grapheneos