cda

6.) Re: 'voter database breach video.' Staged and fake. Attackers obscured details of the sqlmap operation, not to protect PII, but to hide what they are attacking. However, the attackers missed the target IP address in a log file – a VPS currently running SQL server in Moldova.pic.twitter.com/U6x12gOyJe

2.) The threats were sent using mailing scripts hosted on those breached domains; childish stuff, but the mailer probably provides a clue. Also the attacker seems to have used a VPN, looks like Private Internet Access. Sure that rings a bell for some threat intel folks.pic.twitter.com/udOJRN8ybP

𝐼𝓃𝓉𝑒𝓇𝓃𝒶𝓉𝒾𝑜𝓃𝒶𝓁 𝒞𝓎𝒷𝑒𝓇𝓌𝒶𝓇pic.twitter.com/yha9t7fgYg

Czesław Miłosz –pic.twitter.com/qdQvbePhpu

New hobby project — coaware, a tracker for COVID-19 exposure notification apps, for watching and mapping their adoption. Built off the simple and inexpensive @M5Stack hardware.pic.twitter.com/FO2qNUOiq1

Heh, "khar pedar." These Iranian hackers just don't give a damn.pic.twitter.com/0kfpajTSRL

Ten thousand retweets and enraged quote tweets in reaction to a "police officer from Texas" calling for civil war – account created May 2020, which only tweets in the dead of night Texas time. We are so easy to game.pic.twitter.com/DAkvkRozUr

I think another story here is buried. Whoever was behind the Telegram monitoring seems to have scraped Instagram for Iranian users using fake accounts and its recommendation system.pic.twitter.com/x8BkNz7dZ2

In the mystery of the leaked Iranian Telegram data, may I suggest BotSaz – the Telegram bot developer who's Gitlab was adjacent to the exposed Elasticsearch (and taken down at the same time) and doesn't care about security enough to leave PMA open. https://www.comparitech.com/blog/information-security/iranian-telegram-accounts-leaked/ …pic.twitter.com/RgShHodWhw

Sure enough, when @masoud_molavi was killed, @jabeh_siah immediately went silent on Twitter and Telegram https://twitter.com/JohnHultquist/status/1243874656504946694 …pic.twitter.com/v9SukHhiZ9

pic.twitter.com/NkW1cN5U2R

Apparent cuts to Iran's international internet connections this morning timed with #PS752 announcement and protests (from @internetintel).pic.twitter.com/AsBr19TqWr

The Clausowitz account has now been removed. I've converted and archived the World War 3 book for researchers. Whoever was trolling the #IranUSA situation decided to make some money from their hate. https://share.riseup.net/#5QjNy1mWx6jAKkcl76m7Yw …pic.twitter.com/Hnp4IVmTvZ

Well this is novel (heh): a fake account playing off political divisions on Soleimani is promoting a 616 page, pro-Trump/anti-Iran eBook on Amazon. Looks like someone seeded a machine learning text generator with Iran and published the (incomprehensible) result.pic.twitter.com/OtwZEjQVYW