I would encourage @dialoglk users to copy-paste the below email (update with your telephone number, obv) and send to [email protected] to see what Dialog has on you, and what companies/entities they've shared your number with. It's pretty comprehensive, and not under the #PDPA
My anger at the Bima team was completely misdirected. This is all @dialoglk. In their privacy policy they claim I have a right to access data, so I've sent a comprehensive data request to their Data Protection Officer, including about data they've sold. I'll post the email below:
back in 2022 i found a bug that would let me, with no user interaction, turn any chromium-based browser into a permanent js botnet member
in edge, you wouldn't even notice anything out-of-place, and would stay connected to the c2 even after closing the browser
Don't often see this kind of analysis of Middle East infrastructure: Over 3 months this year, 1,350 hacker command-and-control servers found being hosted across 98 regional providers. Saudi Telecom Company hosts 981, or 72.4%, of them. hunt.io/blog/middle-ea…
>37 year old Taiwanese Man
>Works as a manager in southern Taiwan with an annual salary of around NT$2 million
>Spent NT$5,000 on a lucky bag and won a brand new Nintendo Switch 2
>Wife secretly gave the console (and all the lucky bag items) to her relatives
>Called him “unmotivated” and said a 37-year-old man shouldn’t still be playing games
>This became the final straw after years of control and criticism and he filed for divorce
>In divorce negotiations he offered to walk away with nothing. No house, no car, no savings
>His only request: “Just give me back the Switch 2”
She broke him so badly that he no longer cares about the house, car, or money.
All he wants now is his dignity back, and that Switch 2 has become the final symbol of it.
When a man is truly broken, he can no longer be controlled.
‼️🚨 One of the world's largest Certificate Authorities, DigiCert, was compromised by a malicious screensaver file sent through a customer support chat. Their antivirus blocked the malware four times. The agent kept clicking. The fifth try got through.
27 code signing certificates were stolen and used to sign malware.
DigiCert ultimately revoked 60 certificates.
Per DigiCert's incident report, filed in Mozilla's CA compliance tracker as Bug 2033170, here is how it unfolded:
April 2: an attacker contacted a DigiCert helpdesk agent through the company's customer support chat channel, posing as a customer. The lure was a zip file pitched as a screenshot. Inside the zip was a .scr file. On Windows, .scr files are executables, and this one carried a malicious payload.
Opening a file a customer sent through the official support channel is what an agent is supposed to do. Support staff are the one role designed to accept files from strangers.
DigiCert's endpoint security blocked four infection attempts. On the fifth, the support analyst's machine was infected.
DigiCert detected the infection, ran an investigation, and concluded the incident was contained.
Eleven days later, an external researcher tipped DigiCert off about misuse of DigiCert-issued code signing certificates in the wild. That tip led to the discovery of a second compromised machine, belonging to a different support analyst, infected through the same vector. The EDR on that machine had not been functioning correctly, so the original investigation missed it.
The second machine gave the attacker access to DigiCert's internal support portal. That portal lets support staff reach limited views of customer accounts, including initialization codes for ordered but not-yet-issued code signing certificates. Combining a stolen initialization code with an approved order let the attacker pull a real, validly issued code signing certificate. They did this 27 times.
DigiCert's own list of what went wrong:
- File-type filtering on the customer support chat channel did not catch the .scr
- EDR coverage was inconsistent and incomplete, creating a blind spot
- Initialization codes for code signing certificates were not adequately protected
DigiCert says it got lucky. An outside researcher found the malware abuse before DigiCert did. Without that tip, the second machine and the active certificate theft might still be running today.
Howdy folks! Taking a break from my twitter break to let yall know that we released a new @GreyNoiseIO product yesterday. It's called Project Swarm. We've been quietly not-so-quietly working on it for a few years. You can buy it now. It costs $1.
There are lots of vulnerabilities on edge-facing apps. To catch in-the-wild exploitation of them, we @ GreyNoise run sensors on the internet. New AI models mean more vulnerabilities being identified and exploited, and FASTER. Long term, software and hardware will probably get better, but in the meantime we're gonna have to deal with A LOT of vulnerabilities.
At GreyNoise, the sensors we run are basically honeypots- we bait attackers to scan and exploit them which enables us to learn where the attackers are, which vulnerabilities they are exploiting, what it drops, and what it looks like on the wire. From ~2020-now it took us years to build up our fleet. Now anyone can use our new product to deploy their own sensors on their own networks, or an entire fleet of any size, in a day. You can rip back the data and do whatever you want with it. You can resell it, put it into your product, or just stare at it- whatever you want! On our side, we aggregate the data and pour it into a community dataset that everyone shares. As more people join, the data gets bigger and better.
Couple neat features:
- Sensor deployment is a single bash command on any modern linux distro that supports iptables and wireguard.
- Sensors and vulnerable software (profiles) are abstracted into different logical concepts, which means the "what" and "where" are different things, and the sensor is not constrained by the compute required to run the vulnerable software. Also, no matter how hacked the profile (honeypot) gets, it can't touch your host sensor or the rest of your network.
- Sensors can run fake honeypots, real software, or even real hardware (bridged with a raspberry pi) like old crappy routers and modems (or expensive firewalls and VPN gateways 👀)
- You can create dynamic blocklists that block IPs sourced from your own sensors in real time, so if a remote IP address *looks at your network* the wrong way, you block them instantly.
- All the PCAP data is available to you in a gorgeous and intuitive interface at near real time and fully enriched against all of our (thousands of) rules. We're working on the host metadata (malware, syscalls, host behaviors) as well, but this will come later.
- If we don't tag a CVE that's interesting to you, you can write a Suricata rule to tag it yourself once and your data gets tagged with it in real time forever.
- You can instantly download PCAPs of any exploits that hit your sensors.
- If you don't want your data shared with the community dataset, you can talk to our team and we'll work out rights to make it private.
Check it out! There's a lot of moving pieces to make this work and we expect bugs, but it's available right now. Join the fight!
greynoise.io/project-swarm
An Assistant Director attached to the External Resources Department of Sri Lanka’s Finance Ministry, who had been interdicted over the alleged USD 2.5 million cyber theft, has died, Police said.
According to Ada Derana, quoting Police sources, the death is suspected to be a suicide, although there has been no official confirmation yet.
He had been under investigation following the high-profile incident involving the diversion of state funds, believed to have been carried out by hackers through compromised communication channels.
The deceased had been suspended from duty pending the outcome of ongoing investigations into the incident.
Police said further inquiries are underway to establish the circumstances surrounding the death. (Newswire)
HACKER HUMOUR: Tried GotabayaRajapaksa.com lately? Surprise -- it redirects to the Sri Lanka Prisons website. The real twist? The Prisons department site itself is “not secure”. You really couldn’t make this up. Over to you Hans Wijesuriya.
🔐 Proton CEO Andy Yen warns that the global push for age verification is the quiet death of online anonymity, because every passport scan, selfie, and biometric uploaded for "verification" inevitably ends up leaked, hacked, or monetized.
He argues Big Tech and governments cannot be trusted to act as gatekeepers, and the only real protection for ID data is to never collect it in the first place.
@RP5186837141663 @UvinduBro So I covered this on September 16-17, and at that time the authorities said they were aware and investigating.
This may or may not be directly related to the misappropriation of $2.5 Mil