Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
International Cyber Digest Profile picture
@IntCyberDigest
Nov 11, 2025 13 tweets 6 min read Read on X
Scrolly
‼️ China's largest cybersecurity firm, Knownsec, was breached, exposing details of China's state cyber operations.

The data includes cyberweapon documentation, internal hacking tool source code, and global target lists covering over 20 countries, including Japan, Vietnam, and India.

A spreadsheet lists 80 hacked foreign organizations, plus evidence of 95 GB of stolen Indian immigration data and 3 TB of call records from South Korean mobile operator LG U Plus.

One of the documents mention a malicious power bank, disguised as a charging device.

Knownsec is key to China's cybersecurity, providing advanced defense and offensive capabilities, including espionage tools.

A thread with their tools 🧵Image
ZoomEye

A global search engine similar to Shodan or Censys, lists vulnerabilities for each host. It claims to scan the entire IPv4 address range in 7-10 days. Image
Windows Trojan / Remote control Image
KRACK attack

An explanation of how to perform a KRACK attack on a device connected to a network. Image
Image
Passive radar

A tool called "Passive Radar," a PCAP analyzer, is used for quick asset mapping tasks, such as those required by military clients. Image
Un-Mail

A tool that claims to break email accounts via XSS. Image
Image
Image
Knownsec also provides tools and services for data collection as can be seen in the slides. Image
Image
Slides also indicate collecting data and mapping critical digital infrastructure of adversarial nations. Image
It's interesting to note the listing of critical Taiwanese edge devices. Reports confirm nation-state actors are attacking these devices. Image
Critical digital infrastructure in India: finance, military, industry, political parties. Image
This screenshot shows where opportunities exist for a company like KnownSec to add value, including internet surveillance, building command centers, providing big data analysis platforms for various departments, or network construction for specific public security bureaus. Image
Building digital command centers for the Ministry of Public Security and how the company supports Public Security in conducting "special investigations" Image
Image
Image
Read @NetAskari's report substack.com/home/post/p-17…

Link to the docs: ibb.co/album/5X11nM?p…

Additional sources:
juejin.cn/post/756884162…
chonglangtv.org/t/topic/1485
glav.su/forum/threads/…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with International Cyber Digest

International Cyber Digest Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @IntCyberDigest

International Cyber Digest Profile picture
Feb 1
‼️ Meet the personal hacker who worked for Epstein

His name was redacted, but based on what was previously known:
👉 Sold his company to CrowdStrike in 2017
👉 Took a VP role at the company after the acquisition
👉 Born in Calabria

We can now confirm he is Vincenzo Iozzo. Image
Image
His LinkedIn shows his company "Iperlane" was sold to CrowdStrike and that he was also a board member of Black Hat, hence he invited Jeffrey to join him at Black Hat.

He is currently CEO of SlashID and likes to post about Shinyhunters on LinkedIn. Image
Image
Image
Image
He is also one of the authors of iOS Hacker's Handbook. Image
Read 4 tweets
International Cyber Digest Profile picture
Jan 23
‼️A security researcher from Australia built a mass surveillance tool by scraping Waze reports and tracking the users behind them

He successfully linked usernames to real-world identities, allowing him to pinpoint where individuals live and work.

Waze has since responded by removing the feature that exposed usernames.Image
Image
Image
Image
He was able to deanonymize custom usernames by using OSINT tools.Image
Image
After he has a username he can plot it on a map an see where that user has been it's entire lifetime. Leading to the disclosure of:
- The general area where they likely live (cluster of morning reports.
- The area where they likely work (cluster of daytime reports)
- Their regular commute routes
- Their approximate scheduleImage
Read 4 tweets
International Cyber Digest Profile picture
Jan 2
‼️A German hacker known as "Martha Root" dressed as a pink Power Ranger and deleted a white supremacist dating website live onstage

This happened during the recent CCC conference.

Martha had infiltrated the site, ran her own AI chatbot to extract as much information from users as possible, and downloaded every profile. She also uncovered the owner of the site. She has published all of the data.
I found this video of “Marta Root” on her YouTube channel explaining what she did.
A chart showing where users of the white supremacist dating site come from. Image
Read 7 tweets
International Cyber Digest Profile picture
Dec 7, 2025
❗️On 11 July 2024, Belgian police found a dead body on a forest trail.

Initially, they thought it was suicide, but forensic investigation indicated homicide.

The suspected murderer was arrested and later released. He was using a GrapheneOS phone, which he claims did not work as intended.

He says he gave the duress PIN, but the device did not wipe itself, allowing law enforcement to access his data.Image
One year later, the suspect is summoned to appear at the police station in Antwerp, Belgium, on suspicion of premeditated murder. Image
Using the dates of the premeditated murder in the document he shared, we were able to find and confirm that this is the case. Image
Read 12 tweets
International Cyber Digest Profile picture
Dec 5, 2025
‼️🇮🇱 Smartphones worldwide were silently infected with Israeli malware via malicious ads

Simply viewing their ads was enough to get infected.

Surveillance company Intellexa gained full access to cameras, microphones, chat apps, emails, GPS locations, photos, files, and browsing activity.Image
Internal leaked company documents, sales and marketing materials, as well as training videos from the “Intellexa Leaks” investigation provide a never-before-seen glimpse into the internal operations of a mercenary spyware company focused on exploiting vulnerabilities in mobile devices to enable targeted surveillance attacks on human rights defenders, journalists, and members of civil society.Image
In an attempt to hide the spyware operator's identity, all data is relayed through a chain of anonymization servers called the “CNC Anonymization Network.”

Since the spyware relies on browser exploits, the operator must trick the victim into opening the malicious link; if the link is not opened, infection fails.

Each time a one-click attack link is sent, it risks exposing the operator, as a suspicious target may share it with forensic experts, revealing the attack and potentially the operator.Image
Read 8 tweets
International Cyber Digest Profile picture
Dec 4, 2025
‼️🇰🇵 Meet North Korean recruiter 'Aaron,' who infiltrates Western companies by using AI and posing as a remote IT worker using stolen or rented identities.

He was lured into a sandbox by researchers, who observed the wild APT in a controlled setting to see what he would do.
He wanders around the web sending messages to people like "I’d like to offer your an opportunity that I think could be interesting.".. Turns out @MauroEldritch likes opportunities. Image
Aaron then asks the "legit" worker to download AnyDesk.
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(