Real talk: if you’re not using MITRE ATTACK to measure detection coverage, what are you using ?

Happy new year LastPass LastPass Support ! Will 2024 be the year you support FIDO2 based auth for macOS + Okta?

I had a great conversation with my homie Jack on the Detection at Scale podcast. We discussed LAPSUS/Oktapus TTPs, mitigations, and detection strategies. Check it: podcasts.apple.com/us/podcast/det… @ me your hot takes #RemitlySecurity #DetectionatScale #D&R

Vendor security questionnaire addenda, circa January 2024: Do you run self hosted Exchange or Atlassian products? Do you use any Ivanti products?

Quit teh hell site for a while. Back now and it looks the same but with more garbage ads and bots.

Keep calm and enable Lockdown Mode. Come on people.

ThruntCon has the best swag.

Get some ARCANEDOOR IPs courtesy of John Althouse . linkedin.com/posts/johnalth…

Here's a full IP list to check against your ASA/Flow logs for the ArcaneDoor Cisco ASA Compromises (361 IPs): drive.google.com/file/d/1wlKPuM… This list was put together from information in the Talos Intelligence blog which stated that the actor came from ASA devices but with cert

Hugs to my Goog homies. This cycle has never been a long term win and as a shareholder I don’t support it.

Feels appropriate. youtu.be/Dkk9gvTmCXY?si…

Stay Gold.

Brilliant move to remove the “report phishing” link in Gmail for iOS. Have you heard of WarVOX buulo3609@gmail[ . ]com?

Dear Yubico | #YubiKey . Please send this man some keys.

DEIntel

This article by Microsoft on detecting browser based anomalies isn’t wrong. It is about a decade late however. youtu.be/87eroAF_Q-8?si… techcommunity.microsoft.com/t5/microsoft-d…

It’s been real y’all. Already miss what this used to be.

Dear Apple , I ❤️but you’re bringing me down. Messages app in Lockdown mode on iOS 18.1.1 is totally unusable. Repeated app hangs, crashes.