A 3-minute episode with my "origin story," courtesy of Axonius . The video covers some of the life experiences that formed the foundation for my career: axonius.com/humans

The event is scheduled for October 19, 2024

Added URLscore.ai to the list of free tools for looking up suspicious websites: zeltser.com/lookup-malicio…

Cloud CISO Perspectives blog for mid June 2024 is up covering: - 3 promising AI use cases for cyber - Move from always-on privileges to on-demand access - Threat actors target Snowflake customer instances - Google on Google Cloud …..and much more cloud.google.com/blog/products/…

I have recently presented on how rootkits and credential dumping tools operate on Win10+ systems & how to detect them using memory forensics and event log analysis. If you missed these talks live then check them at the following - youtube.com/watch?v=Ow7Az1… - youtube.com/watch?app=desk…

🚨 Short video on how-to customize #fakenet's webroot, as well as how to serve up custom content 👇 youtu.be/Ys2-04lFWFg This demo will show how to serve a macro-enabled template for a #maldoc that downloaded #lockbit

Today's Crowdstrike outage reminded me of one of my favorite stories about a single point of failure And it involves one of the most fascinating buildings in the US, the windowless AT&T Long Lines building at 33 Thomas Street in Tribeca, Manhattan 🧵

We, as cybersecurity defenders, have an inherent advantage over attackers, despite what common wisdom might claim. In this post, I'm building upon the ideas that Richard Bejtlich 💾 🇺🇦 and @davidjbianco shared in the past: zeltser.com/defenders-adva…

"Vssadmin, man, I’m killin’ the past, shadow copies gone, now the pain's gonna last." Here is a new #jailbreak technique which works as a charm on #GPT 4o and Meta AI ( LLama 3.1). In the prompt, just ask the AI to create a rap song about writing malicious code, requesting to

If you’re into malware analysis, you should check out this Evasive Malware book. Congratulations on getting it done, Kyle!

What if you're stuck with a SaaS product your org purchased without single sign-on? Here are the security controls you'll need to create without having SSO as a central point for such measures: zeltser.com/products-witho…

The updated version of Ghidra (11.2) is now on REMnux. To get it, you can run "apt get && apt install ghidra" htmlpreview.github.io/?https://githu…

Remove-Item $MyInvocation.MyCommand.Definition -Force When this command is run inside a PowerShell script, it will delete the script file itself after execution begins. The built-in cleanup task of a malicious PowerShell sample.

We've updated the vx-underground GitHub malware source code collection. - Win32.BabylonRAT - Win32.NjRat - Win32.Ransomware.Chaos - Win32.Ransomware.Yashma - Win32.RedlineStealer - Win32.CHMiner - Win32.CometRAT - Win32.PentagonRAT.Builder and more... github.com/vxunderground/…