VMWare zero-days are way more fun when they are introduced with DMX style format. Anyway, great blog from Mandiant 🎆, read this. mandiant.com/resources/blog… The 0-day allows host2guest OS cmd exec, and is a very late kill-chain (after significant priv esc) post-exploitation tactic.

Fortinet SSL VPN embargoed vulnerability (but early patch Jun 8th) details dropped:

Tired of not being able to click Defanged URLs? Same. Created a CyberChef recipe to 'Refang' URLs making them clickable once again. This may be irresponsible. github.com/breakersall/Cy… Pull request pending.

Smelling smokey in Chicago today.

Didn't expect to lookout the window today and see someone free climbing the Accenture Tower building (Olgivie) today (with a drone following him)...

👀 comm groups like scattered spider/unc3944...

Remember when breach reports consisted of technical analysis of the intrusion and not just thinly veiled marketing attempts shilling their security products?

The Mirai kids finally have chosen to tell their story, and I'm proud of them beyond measure. I'm also grateful to them for the work they've done in the years since. Their futures are bright. wired.com/story/mirai-un…

Hey Elon Musk yesterday I asked if you could amplify the other side - you know free and balanced speech and all? Remember when we hacked your Model S in 2013 & 2015? Remember how you asked us not to share until patches ready & you could share your side? cti-league.com/statement-by-m…

Microsoft has identified new Qakbot phishing campaigns following the August 2023 law enforcement disruption operation. The campaign began on December 11, was low in volume, and targeted the hospitality industry. Targets received a PDF from a user masquerading as an IRS employee.

The attackers were very sophisticated. They were drinking expensive wine and listening to classical music while they exfiltrated the data.

As foretold - LLMs are revolutionizing security research: hackerone.com/reports/2298307

What are five topics you can talk about for 30 minutes with zero prep? Mine are: 1. Why Armageddon, the movie, is a masterpiece in private/public partnership (oil drillers/NASA Astronauts), and how that is a blue print for Cyber Threat Intel Sharing. 2-5. Related to above.

“The level of cybercrime has risen to the point where it feels overwhelming. And every year it gets worse. And it feels like as defenders, it's almost like we're winning every battle and losing the war,” says Allison Nixon, a cybersecurity researcher. cbsn.ws/3Jh3nyL