Attention Microsoft 365 and Entra admins. ICYMI There is a BIG security change coming up and soon (rolling out mid-July 2025)!! That's less than four weeks away 😮 Check your Message Center mc.merill.net/message/MC1097…

For the past three weeks I've been working to fix something which others, particularly on the Internet, were not able to. It was given to me because we had this issue as well. At first, I was confident but by attempt five my cockiness started to wane. So I started to research

Jason Haddix did an exceptional job today in Flare's Operationalizing Cybercrime Data for Red Teams and Offensive Ops webinar. Chock full with tradecraft, tooling, insights and more. Two full hours he spoke and didn't miss a beat. Really impressive talk. Recording and slides in

Your biggest threats are always internal

From the intel feed today, thinking of you mRr3b00t and your sleep rhythm! 🤣 iank.org/posts/loftie-r…

Sometimes I lie to the AI and tell it I've suffered an injury to my hands to force it to do stuff for me and bypass protections it has. It saves me a lot of time but now it thinks that I'm accident prone. 😂

Many folks in application security will go to every single security conference, but not a single developer conference 🧐

New The DFIR Report Hide Your RDP: Password Spray Leads to RansomHub Deployment thedfirreport.com/2025/06/30/hid…

>wake up >remove the polymorphic >put on make up >leave the code cave >shill the snake oil

And, in six months after its debut, it'll only be available by subscription, I mean prescription. 😳

One of the most horrifying pieces of literature, in my view, is Plato's "Allegory of the Cave" when one considers the time in which it was written, the level of intelligence Plato had juxtaposed against our current predicament which is that our children cannot read or reason,

Must suck being an unemployed software engineer and realizing that Soham Parekh has been hired 79 times in the past 4 years

Have a couple security roles open at a well funded startup. Anyone interested or folks you recommend? (Priority will probably go to mutuals)

Is it wrong I'm debating hosting an open source ICQ server for Defcon and hiding CTF challenges in it?

Happy Birthday, America! 🇺🇸 Now for some hot dogs, hamburgers and couch time with the fur babies, watching Jaws.

I'm reading a new book on Alexander the Great and referring to the source notes section, I note with great consternation, that that rat bastard Plutarch is mentioned and immediately my mood sours. I anticipated this. The mention of Plutarch. 🙄 He lived during the times

The investigation never stops 🕵️ We're celebrating the release of our 100th Sherlock together with YOU! Follow the steps below for a chance to win a VIP Annual Subscription so you can level up your #DFIR skills for a full year: ☝️ Follow Hack The Box ✌️ Like this post 🤟 Tell us

We got bored of all your low hanging default creds and your shitty wifi so we're going back to basics.

Neat PoC to show that chrome extensions have godmode over your session cookies, bypassing httponly flags on all domains

Microsoft just dropped a banger spreadsheet to help you level up your security! 🚀 It's a FREE Zero Trust assessment tool with a clear roadmap covering SIX key pillars. Let's break it down! 👇 👥 Identity 📱 Devices 📊 Data 🌐 Network 🏗️ Infrastructure 🕵️‍♀️ Security Operations