Inspiring message by Vera Mens from Claroty’s #Team82 at BlueHat IL, sharing her journey from attending her first #BlueHat 7 years ago as a software developer interested in cybersecurity to the #BlueHatIL stage: “everything is possible!”

Another fantastic BlueHat IL conference has just concluded! Huge kudos to Ida Vass and the whole #Microsoft IL team for organizing an exceptional event during these challenging times.

Heads Up! The registration for BSIDES TLV 2024 is officially open!

Great debate between Efrat Aran and Or Hiltch about the limitations (or lack there of) of AI and how will the practice of software engineering look like 10 years from now at Microsoft Reactor #AllFounders 2024.

Registration for Training Ground is now open! Please do not book overlapping sessions & remember that participant badges are required for access. These book out fast, so register quickly. Training registration and donor badges are available here: eventbrite.com/e/bsideslv-202…

Getting ready for for #HackerSummerCamp next week! Drop me a message if you're attending #BlackHat, #BsidesLV, or #DEFCON32 and you'd like to grab a coffee ☕️ or a drink 🥃. #CyberSecurity #Community

Here we go! 🖤🎩 Black Hat #BlackHat2024 #BHUSA

o1-mini keeps refusing to try to solve the Riemann Hypothesis on my behalf. Model laziness continues to be a major issue sad ;p

🐈⛓️🔨

Looking for high-signal cybersecurity content? Check out my “Cyber” list. I try to keep it tight - no noise, just valuable posts. Bonus: pin it to your feed and thank me later: x.com/i/lists/201875…

Touching down in Raleigh, NC for VulnCon 2025! ✈️🛬🦾 Looking forward to discussing all things Vulnerability Management!

We’re seeing a clear trend: attackers are bypassing the endpoint entirely. Not just avoiding traditional EDR-monitored systems by pivoting to embedded and edge devices, but now also operating purely in the cloud. No shell, no malware, no persistence on the endpoint. Just an OAuth

Just completed the new Wiz “Cloud Hunting Games” Incident Response CTF challenge. Really nice set of challenges, and a great (and fun) way to gain practical understanding of how attackers operate in cloud environments. Worth checking out 👇 🕵‍♂️ cloudhuntinggames.com

root. for. your. friends. 🤼 it's more than a phrase, it's a deeply held belief. it's way of living, really. if you want to reject jealousy and thrive in your work and relationships, check out my latest blog post.

You can sign up to volunteer at BSides TLV 2025! We are looking forward to seeing you there, your help is extremely appreciated at our community led event 🙏🏻 Link: signup.com/go/XWAtoJV #BSidesTLV2025 #CybersecurityCommunity #VolunteerOpportunity

Good morning! You can still sign up to volunteer at BSIDES TLV 2025! Best way to enjoy the event, and your help is extremely appreciated at our community conference 🙏🏻 Link: signup.com/go/XWAtoJV #BSidesTLV2025

Follow-up on CVE-2025-53770 (“ToolShell”) detection: The attackers used a dropper that wrote the web shell to spinstall0.aspx, but that filename isn’t required. It’s just what we’ve seen in this particular campaign. The same payload could’ve been dropped under a different name.