J⩜⃝mie Williams
@jamieantisocial
Red Team Engineer (Internal) @Crowdstrike, Formerly 'Jamie from @mitreattack' and @Unit42_Intel, #UNC1799 forever🤘 @DistrictHeather ♥️ +🍷🍷+ he/him
"some indicators age like wine...others more like milk" ⏲️

Disruption ≠ obliteration. Lumma remains one of the most profitable stealers, running both the stealer and its own log market. It’s not Redline or Meta. Even if it gets taken down, expect a rebrand and fresh infrastructure. This ecosystem doesn’t die - it changes.
Lumma infostealer malware returns after law enforcement disruption - @billtoulas bleepingcomputer.com/news/security/…
(Evil-)Morty knows geopolitical cyberwar pre-positioning strategy 🪖🌐
having a totally normal day.
Purchase link: amazon.com/dp/B0FJGMMKC7
Hiring a junior/mid role on my team for a Red Team operator, feel free to DM me with any questions or anything nvidia.wd5.myworkdayjobs.com/NVIDIAExternal…
"...you are sheltering enemies of the state, are you not?"
Aqua , AI-generated malware in Panda Image hides persistent Linux threat -- aquasec.com/blog/ai-genera…
this part is brutal.
🛡️ Then read the next blog post to learn how to defend: bit.ly/4kSWrbc
Free PDF: mini-01-s3.vx-underground.org/samples/Papers…
this is 🅱🅰🆂🅸🅲🅰🅻🅻🆈 how a process seems after linking, loading, injection, etc etc etc.

talent.
I’m doing $5 ghosts today! Send $5 to my venmo or cashapp in my bio with your @ (important!) and I’ll summon a creepy little guy for you
strong contender for a malware '𝕟𝕖𝕧𝕖𝕣 𝕙𝕒𝕧𝕖 𝕀 𝕖𝕧𝕖𝕣' champion 🏆
Nothing too exciting by APT41 🇨🇳 here IMO, using Impacket, CobaltStrike, Mimikatz, Pillager, RawCopy, Neo-reGeorg Using a compromised SharePoint server for C2 is interesting I guess, especially with this new ToolShell exploit for SharePoint servers securelist.com/apt41-in-afric…
Exciting news! Select SLEUTHCON 2025 talks are now live on our YouTube for you to watch! Get a recap on some of your favorite talks from SLEUTHCON 2025, or watch the ones you missed! Check them out here >> youtube.com/@sleuthcon #SLEUTHCON #cybersecurity
CYBERWARCON is back! Join us on Wednesday, November 19, 2025, in Arlington, VA + virtually. Follow us to stay up to date for CFPs, volunteer opportunities + more! Check out for more information + sponsorship opportunities >> cyberwarcon.com
Tap in to the stream this week for some YARA fun, highlighting some crazy rules, how I think about learning yara (or anything) as a mid-career professional, and more!
🔥 Ready for this week's live stream with Greg Lesnewich... youtube.com/live/JIxbM82hW…