#threatintel @PwC_uk but views are mine only. Malware & infrastructure analysis with a side of cyberpunk. 🌃🌌 She/her, support 🏳️🌈🏳️⚧️✨
Nov 6, 2023 • 4 tweets • 2 min read
$3 BILLION: the (underestimated) profit of North Korea-based APTs' cyber operations over the past 5 years. Meet me at @SANSInstitute @NCSC #CyberThreat23 to talk about Black Alicanto (#TA444, #Bluenoroff) activity, TTPs, and place in the wider #DPRK cyber threat ecosystem!
@SANSInstitute @NCSC I am very, very excited to cover #DPRK cyber ops, a topic that I've spent the past 5 years researching - how Black Alicanto (#TA444, #Bluenoroff, Sapphire Sleet) operates, and how it fits in with other DPRK- based APTs: Black Artemis/#Lazarus Group, #AppleJeus, #TraderTraitor.
May 17, 2022 • 14 tweets • 10 min read
#ICYMI, here's a #threatintel related🧵👇 by me on @USTreasury advisory on DPRK IT workers' attempts to obtain employment while posing as non-North Korean nationals: home.treasury.gov/system/files/1… (1/?)
DPRK IT workers "engage in a wide range of IT dev work, such as: mobile & web-based apps, virtual currency exchange platforms & digital coins. Some
designed virtual currency exchanges or created analytic tools/apps for virtual currency traders & marketed their products." (2/?)
Mar 1, 2021 • 19 tweets • 13 min read
ICYMI, @PwC_UK’s 2020 #threatintel Year in Retrospect report is out now! All team contributed but h/t to @KystleM_Reid! :fire: You can check it out here: pwc.to/2ZPx7fo In this thread, I will summarise some of what I thought were key findings: 🧵👇 1/n#Ransomware has become the most significant cyber security threat faced by organisations, irrespective of industry/location. TTPs have pivoted to mass data exfiltration prior to encryption, along with leaks & extortion. S/o to @andyp346 for all your work countering this.🙏 2/n