Aiden Mitchell (@amitchell516) Twitter Tweets • TwiCopy

Sublime Security

3 years ago

Sublime has observed an increase in QR code credential phishing attacks over the past several weeks. We've enabled a new scanner to decode QR codes embedded in message bodies or attachments, and pushed new coverage to prevent these attacks: github.com/sublime-securi…

thumb_up_off_alt69

chat_bubble_outline4

repeat25

shareShare

Aiden Mitchell

@amitchell516

3 years ago

k bye threads.net/@amitchell516

thumb_up_off_alt1

chat_bubble_outline0

repeat0

shareShare

Josh Kamdjou

@jkamdjou

3 years ago

This is so sick. Email -> Attached EML -> Embedded image -> OCR -> NLU to identify a financial request. Outlook/many clients will render an attached EML in the *original* message, making this an effective evasion technique. We've seen this in the wild recently. h/t Aiden Mitchell

thumb_up_off_alt33

chat_bubble_outline1

repeat10

shareShare

Amtrak

@amtrak

3 years ago

thumb_up_off_alt8,8K

chat_bubble_outline155

repeat1,1K

shareShare

Aiden Mitchell

@amitchell516

3 years ago

Can confirm, it just works. Now it looks like I have a FortiGate at home :p maybe tomorrow it'll look like I have a Sophos firewall

thumb_up_off_alt5

chat_bubble_outline0

repeat1

shareShare

Frank McGovern - INACTIVE

@frankmcg

3 years ago

Average age of last reboot time on core switches.

thumb_up_off_alt90

chat_bubble_outline9

repeat10

shareShare

Josh Kamdjou

@jkamdjou

3 years ago

If you're running Sublime Security, you can prevent this at your email perimeter. delivr.to put out a detection for the WinRAR vuln when the CVE initially dropped: share.sublime.security/feeds/delivr-t…

If you're running <a href="/sublime_sec/">Sublime Security</a>, you can prevent this at your email perimeter. <a href="/delivr_to/">delivr.to</a> put out a detection for the WinRAR vuln when the CVE initially dropped: share.sublime.security/feeds/delivr-t…

thumb_up_off_alt15

chat_bubble_outline0

repeat7

shareShare

Aiden Mitchell

@amitchell516

3 years ago

why make employees suffer with these useless assessments, when you could invest in better email security punishing employees for failing phishing tests is not the answer...

thumb_up_off_alt3

chat_bubble_outline0

repeat0

shareShare

Polling Canada

@canadianpolling

3 years ago

Canada 🤝 United States Pick New Speakers

thumb_up_off_alt224

chat_bubble_outline5

repeat21

shareShare

Aiden Mitchell

@amitchell516

3 years ago

Yeah, I won’t believe it until I see it, what with Google’s history of killing things at random.

thumb_up_off_alt3

chat_bubble_outline0

repeat0

shareShare

Aiden Mitchell

@amitchell516

3 years ago

Please, everyone, use an ad blocker.

thumb_up_off_alt5

chat_bubble_outline0

repeat0

shareShare

Josh Kamdjou

@jkamdjou

a year ago

EML attachments are a clever way to bypass traditional analysis because they automatically get rendered and embedded in the original message, without user interaction, by most mail clients: sublime.security/blog/hidden-cr… h/t Aiden Mitchell

thumb_up_off_alt58

chat_bubble_outline0

repeat20

shareShare

Sublime Security

@sublime_sec

a year ago

Scammers are using distribution lists to hide their tracks while blasting a wide range of targets in this new variant of Living Off the Land (LOTL) + callback phishing attacks. We’ve seen it with trusted brands like Microsoft, Venmo, and PayPal. Learn how the scam works:

thumb_up_off_alt8

chat_bubble_outline0

repeat3

shareShare

sam scholten

@samkscholten

a year ago

🚨 Detection coverage for CVE-2025-21298: 🤝 h/t to our friends at delivr.to for their excellent detection work: github.com/delivr-to/dete… 💪 🔍 Sublime Security 's existing rule flags this too: sublime.security/feeds/core/det…

thumb_up_off_alt13

chat_bubble_outline0

repeat5

shareShare