rik van duijn

@rikvduijn

Wielder of the cyber

Netherlands
Joined: November 2010

Tweets

  1. Pinned Tweet
    Sep 9, 2019

    So I leave the office for one week, we get a new coffee machine and this happens. ¯\_(ツ)_/¯

  2. Retweeted
    8 hours ago
  3. Retweeted
    Feb 1

    Badge Rework in full progress, 150 badges have been reworked and flashed with test firmware at this moment. If you want to help out bring your own soldering iron to and join in the fun (we take care of your drinks!). 5 wires need to be soldered on.

  4. Retweeted
    Feb 1

    Today is 1-feb-2020. One year after my sabbatical formally started. Now what?

  5. Feb 1

    Fully busy today with the hack intro. 10 who were drawn by lot during our presentation at the Security meetup XL. With

  6. Retweeted
    Jan 30
  7. Retweeted
    Jan 30

    My write-up on how I tracked down an alleged member of REvil group utilizing methods. If you enjoyed reading this please share it and I will work hard to create more write-ups like this!

  8. Jan 30

    Having some serious fomo. Will miss this edition though :( have fun all!

  9. Retweeted
    Jan 28

    Excellent research on released by today, using in the process! :)

  10. Retweeted
    Jan 28
  11. Retweeted
    Jan 28

    Tracking infections through sinkhole data, very interesting insights by from . We are seeing a lot of overlap and connections to our research. Please join and me at for a deep dive on REvil.

  12. Jan 28

    Will be presenting our research today and later in a joint presentation with at

  13. Retweeted
    Jan 28

    "The most important step we as a security industry is secure offsite backups that are not removable from the network or using privileges acquired within the network. After that we can spend time actually securing our networks."

  14. Jan 28

    So glad that was able to cover the blog. Our blog is long and I'm not a writer. He is and has distilled our ramblings:

  15. Jan 28

    Just this morning I learned the "c2" domains do change. showed two distinct sets. This means we sinkhole one of the two. We already assumed we saw a subset of all infections. This confirms it. Going to try and figure out why there are two sets of domains.

  16. Retweeted
    Jan 28

    The average ransom demand for a REvil ransomware infection is a whopping $260,000 * Average for full network compromise is $470,000 * When network compromise fails and REvil infects only one PC, average is $48,000

  17. Jan 28

    In the article we still talk about decryptor [.]top as one of the payment sites. The domain no longer resolves. We will need to update that later.

  18. Jan 28

    The attacks against MSP are tough to figure out. We'll see lots of different companies being infected. For example we saw lots of dentistry related infections but no clue why. A week later publishes this

  19. Jan 28

    In the past weeks we've seen major attacks against companies inside of Europe and Africa. Encrypting over 6500 unique systems in two attacks.

  20. Jan 28

    Blog: Tracking : our analysis of sample configurations, ransom demands and sinkhole data. The REvil affiliates operate at a huge scale encrypting 1000s of systems at once. And we're only seeing a fraction of the total activity.

  21. Retweeted
    Jan 27

    Presenting our analysis tomorrow @ Explanation on the DGA being used, the sinkhole data that we collected and how we were able to execute on the infected bots. Can't join? Read the blog here:
