Tom (@anduinswim)'s Twitter Profile

Threat hunting, ML and automation at @countercept / @WithSecure. Views are my own.

ID: 1547541396315316225

14-07-2022 11:21:26

9 Tweets

40 Followers

44 Following

John Lambert (@johnlatwc)

ICYMI, if graph visualization and investigation together pique your interest, watch this talk by Tom @AnduinSwim & Giulio @Blazef104 of @WithSecure on Detectree. It began life as a @Jupyter Notebook! 📺youtube.com/watch?v=EBVhGs… 🕹️labs.withsecure.com/tools/detectree 🔗github.com/countercept/de…

Jack 💤 (@threebluezs)

So #Emotet is back once again with the traditional Email -> XLS -> XLM -> Regsvr -> Dll execution flow. IoCs are readily available checking the hashtag but as a group known to use 'hashbusting', let's complement these IoCs with some hunting #mde 🧵

Jack 💤 (@threebluezs)

Are you ever in the midst of reviewing web browser logs only to find yourself desperate to write some SQL? Me neither, so I wrote a python script to do it instead. Convert web browser history DBs into more human-readable .CSVs with BrowserDBParser github.com/CyberGoatherde…

LLM Security (@llm_sec)

* People ask LLMs to write code
* LLMs recommend imports that don't actually exist
* Attackers work out what these imports' names are, and create & upload them with malicious payloads
* People using LLM-written code then auto-add malware themselves

vulcan.io/blog/ai-halluc…