Waarom 2-factor authenticatie middels SMS niet te vertrouwen is, laat dit onderzoek van Bloomberg (gift article) goed zien: bloomberg.com/news/articles/…

🤓 OpenAI recently published an interesting threat report about how threat actors are using generative AI. Here is a quick rundown: 👇 - Fake Jobs: IT workers using AI for deceptive hiring schemes. - China IO: “Sneer Review” creates fake reviews and posts. - Philippines IO:

🚨 A forgotten staging site. No MFA. No alerts. Just a wide open door. This is how attackers see your company. And this is how Microsoft Defender EASM helps you stop them. 🔗 Watch now: youtu.be/zJuBQOz3WVY #MicrosoftDefender #CyberSecurity #EASM

Social Engineering Attack KQL Detection 📨💣📞💻☣️: 1. Mail Bomb User 2. Impersonate Help Desk Call User 3. Offer assistance via RMM Tool 4. Deploy Ransomware MDO: New Mail Bomb Detection Technology admin.microsoft.com/?ref=MessageCe… KQL Detection (Point 1 & 3): github.com/SlimKQL/Huntin…

This tweet thread discusses how to use #Kusto explorer to graph data on the fly. ➡️ Get kusto explorer: aka.ms/ke ⬇️ Read on!

Great talk by John Lambert on ways you can turn security data into graphs: youtube.com/watch?v=cXhX3s…. Especially the vector part is great: so many tools have built in support for embeddings (e.g. BigQuery ML.GENERATE_EMBEDDING and VECTOR_SEARCH), defenders should be using them more!

If you work on a Mac, first of all Raycast is a must have productivity app. If you also work with #KQL a lot, I made a simple extension to search the documentation easily, based on the git repos behing ms learn raycast.com/olafhartong/ku…

De eerste DDoS-aanvallen van het Pro-Russische collectief NoName057(16) zijn begonnen, gefocust op websites over de NAVO en natuurlijk de gemeente Den Haag. Impact lijkt voor nu beperkt (en sterkte aan alle IT'ers van de overheid komende dagen) rtl.nl/nieuws/politie…

Hackers breached Norwegian dam and opened the valve. ‘The valve ran at full capacity for four hours before the unauthorized change was detected’. Unclear intent energiteknikk.net/2025/06/hacker…

Happy Stuxnet day

🎯 DEFENDERS — ASRGEN is here to make your life easier... and it’s now TRENDING on @Streamlit! 🚀 ➡️ share.streamlit.io/explore?catego… 🛡️ What is ASRGEN? A simple, powerful, and ✨free✨ tool that helps defenders: ✅ Build custom Attack Surface Reduction (ASR) rules ✅ Test and simulate

Detect anomalous external OAuthApp activity using 🆕ActorInfoString 🔥 techcommunity.microsoft.com/blog/microsoft… KQL Code: detections.ai/rules/8ba39853…

Pretty cool! If you use the tool with a public client and scope from entrascopes.com you can add this to roadtx interactiveauth with the -url parameter to catch the resulting token 😀

👋 Bye bye Azure Portal, hello Unified Security Portal. Microsoft announced the deprecation of #Sentinel in the Ibiza portal. It's time to start planning techcommunity.microsoft.com/blog/microsoft…

Connected with 100+ Mbps at 8.500 ft at 100+ knots, getting real-time updated weather and en-route information. Starlink is revolutionizing flying! 🙏 Thank you Elon Musk

The Scattered Spider hacking group has caused chaos among retailers, insurers, and airlines in recent months. Researchers warn that its flexible structure poses challenges for defense. wired.com/story/scattere…

‘Na nader onderzoek van een aantal cyberaanvallen concludeerde de Autoriteit Persoonsgegevens dat 30 procent van die bedrijven geen of onvoldoende beleid had om cybercriminaliteit te voorkomen’ nrc.nl/nieuws/2025/07…

🚨 Chinese hackers hit France’s critical sectors using 3 Ivanti zero-days — and then patched them to keep others out. Rootkits, web shells, and resale of access hint at a black-market cyber operation selling to state-linked buyers. Find details here → thehackernews.com/2025/07/chines…

I'm SO hyped to finally make MSSQLHound public! It's a new BloodHound collector that adds 37 new edges and 7 new nodes for MSSQL attack paths using the new OpenGraph feature for 8.0!. Let me know what you find with it! - github.com/SpecterOps/MSS… - specterops.io/blog/2025/07/2…