In honor of Fal.Con - Add a little fun to cybersecurity keynotes, vendor pitches, all-hands, and more. 🕹️ security.bingo - CrowdStrike adversary edition. #FalCon2024

The joke about most Linux intrusions being cryptocurrency miners is aging well - aquasec.com/blog/perfctl-a…

📣 As part of the Autonomous Defense & Protection Team (ADAPT), my team is growing and taking shape with recent hires, and I’m excited to announce a new opportunity to join us! 🔥Apply here ➡️ jobs.careers.microsoft.com/global/en/job/… 🚀 I’m hiring a Principal Applied Scientist to support our

CVE-2024-23113 🤦

We're excited to announce the release of our new Public EML Analyzer: a free, unauthenticated tool for analyzing email messages. Upload any EML and get Sublime's analysis results along with URL sandbox and attachment previews, insights, and more: analyzer.sublime.security

The EML Analyzer is also available as a free API, so you can hook it up into your favorite phishing response workflows: docs.sublime.security/reference/anal…

99.9% of us shouldn't worry about the NSA, but 100% of us should worry about the combined marketing and advertising ecosystem, a true global surveillance superpower. krebsonsecurity.com/2024/10/the-gl…

A script that logs Objective-See Foundation OverSight events to a file: github.com/keithmccammon/…

this is way more relatable than yet another email that begins with "at <company> we believe in delivering exceptional value" and ends with "starting next month, your price will increase" but it's definitely the same message 🙃

Another day, another email warning "attackers may be exploiting FortiGate devices". Folks. Your Fortinet gear might as well exist *primarily* to grease the skids of initial access for bad actors. These devices help more adversaries than they stop. I think we're past "may be" 🤣

Cybersecurity stat of the day: The average delta (in years) between CVE assignment and addition to the CISA Known Exploited Vulnerability (KEV) catalog is 2.8 years. 🤯

"2022 zero day was used to raid Fortigate firewall configs. Somebody just released them" - doublepulsar.com/2022-zero-day-…

Quick ear-check with the listeners: What's the ideal length of your favorite podcast?

Dave Aitel, writing on DailyDave: "This is probably my new favorite podcast, with an uncensored take on current infosec events, largely from an incident response standpoint, but in general covering all the bases and courageously offending everyone at great length." Dave Aitel

Today at WWHF Wietze is dropping Invoke-ArgFuscator 👀 github.com/wietze/Invoke-…

🚀 Today I'm launching ArgFuscator: an open-source platform documenting command-line obfuscation tricks AND letting you generate your own 🔥 68 executables supported out of the box - use right away, make tweaks, or create your own 👉 Now available at argfuscator.net

Sure, your POC or framework will be used by ~10% of blue teams (and to make matters worse, only ~10% of orgs have a blue team with time/energy to even think about it). Meanwhile, it's 100% going to be used for this.

Threat Detection Highlights Webinar series – April Edition: This month’s session is extra special. zoom.us/webinar/regist… We're excited to welcome Tony Lambert Tony Lambert , Senior Malware Analyst at Red Canary, known for his sharp research and impactful community