The Israeli government has restricted its cyberweapons export list by two-thirds, from 102 to only 37 countries

therecord.media/israel-restric…
All autocratic/oppressive regimes have been removed, and Israeli companies are only allowed to sell to countries in Europe, the Five Eyes alliance, and Japan.

Noticeably missing from the list are Hungary and Poland, even if they're European states

therecord.media/israel-restric…
Might want to give a listen to this podcast episode too, where Mark Dowd touches on why some Israeli spyware/exploit vendors sell to autocratic regimes.

The cyber export list restriction might spell doom for many companies, as they won't have the contacts to sell to western countries and the over-saturated NATO market.

• • •


Keep Current with Catalin Cimpanu


More from @campuscodi

12 Nov
A Russian national and the co-founder of two crypto-exchanges was detained in Amsterdam last week on charges of helping the Ryuk ransomware gang launder some of its profits

therecord.media/us-detains-cry…
The arrest made some waves in the Russian crypto Telegram channels. Been tracking this with @ddd1ms

The article adds a few extra details, but credit goes to @bobmcmillan who managed to find the reason for Dubnikov's arrest

Several crypto investors were outraged at the arrest and asked the Russian government to intervene, with one request eliciting a response from the Russian MFA spokes
29 Oct
A Minnesota man was charged with hacking MLB, NBA, NFL, and NHL user accounts to hijack live game streams and then rebroadcast them on his own pirate streaming site

therecord.media/man-charged-wi…
The suspect operated the HeHeStreams portal, according to court docs.

PDF: justice.gov/usao-sdny/pres…
The FBI tracked him down because of poor OpSec, as usual.

-he used the same username on the site support chat as on Reddit
-Reddit account was registered with his personal email
-there were also loads of IP address intersections between personal accounts and HeHeStream accounts
23 Oct
NEW: CISA warned today about the compromise of a major JavaScript/npm library with millions of weekly downloads

-The library, called UAParser.js, was compromised with a cryptominer
-Library author said their account was hijacked

therecord.media/malware-found-…
The incident is a big deal, first and foremost, because of the large number of weekly downloads (6-7m).

Second, this library is used all over the place, including a bunch of big companies, such as Facebook, Apple, Amazon, Microsoft, Slack, IBM, HPE, Dell, Oracle, Mozilla, etc.
IOCs here: github.com/faisalman/ua-p…

Here's some very sane advice from GitHub's security team:
23 Oct
NEW: Facebook sued on Friday a Ukrainian programmer who scraped its servers between Jan 2018 and Sep 2019 and then sold the data of 178 million users on a hacking forum

therecord.media/facebook-sues-…
The Facebook data was posted for sale on RaidForums on Dec 1, 2020.

This predates the April 2021 scrape (533mil) by a few months, but Facebook said both scrapes were collected the same way, by abusing the contacts importer feature for Facebook Messenger

therecord.media/facebook-sues-…
Besides Facebook's data, the social network said the defendant, who used the Solomame and barak_obama usernames on RaidForums, also traded the data of many other companies as well

therecord.media/facebook-sues-…
22 Oct
The US seizing the Tor sites of the REvil gang over the weekend has had some interesting effects on ransomware groups today

Just earlier, the Conti gang published a long-winded announcement on the matter

Among the highlights, they call their activity "the art of pen-testing"
Conti also calls the US government a "street mugger" for their actions, which I find rich coming from a group stealing and extorting companies.

But, alas...
The full message is here, courtesy of VX-Underground:
21 Oct
Google unmasks two-year-old phishing & malware campaign targeting high-profile YouTube creators

-more than 4k accounts were hijacked
-campaign started around late 2019 (still going on)

therecord.media/google-unmasks…
Independently from Google TAG, I've also been tracking these attacks since Nov 2019, mainly after this tweet from Jack:

At the time, there were a bunch of these reports on Google's support forums, if you were paying attention.

What drew my attention was that many of these users said they had 2FA enabled, which made me take a closer look at what was going on.
