Looks like #redlinestealer might be back in action. Been quiet since September when Operation Magnus disrupted it.

Reposting for anyone that needs to use the scale to help leadership understand the #SharePoint vulnerability severity.

As expected, the Copilot version of chat sharing is also available for indexing on Google. Doesn't look like they were indexed very well, but they're all reachable. Have fun!

Behind the curtain: How Lumma affiliates operate. assets.recordedfuture.com/insikt-report-…

You gotta do this. Something will probably break, but that's the name of the game.

A Windows #Clickfix alternative seen in the wild on a mass-spreading malware campaign bypassing traditional Win+R shortcut restrictions User is asked to open the Windows Power User menu (Win+X), open a Powershell terminal and paste and running a malicious Clickfix-style command

First Microsoft introduces the ability to disable direct send after all the abuse, and now Salesforce is providing a method to stop the abuse exploited by ShinyHunters. Better late than never!

I just started a new blog, and this is my first post. I took a bit of PTO, so this is a little record of some fun I had playing around with Intune during that time. It's about enrollment restriction bypass😄 temp43487580.github.io/intune/bypass-…

Say it louder for those in the back.

Woo! Big thank you to Invictus Incident Response !

🚫 These threat actors tried to hide their code behind the GPU. We caught them anyways. 🐺 Our Arctic Wolf Labs team uncovered a threat actor abusing GitHub’s repository structure and Google Ads to redirect users to a malicious download, while a GPU-gated decryption routine kept

I can't wait until this tactic is used in a KnowBe4 simulation. Imagine failing this test 😭

Sharing for awareness of the awareness.

Just dropped off some NoLogsNoBreach stickers at the #GrrCON stickercon

One of the most insecure defaults is getting less insecure at the end of this month. Microsoft is limiting what permissions a user can consent to. This is very interesting for everyone doing #BEC investigations. Curious to see if this will impact malicious app usage. More info

Uh oh.

Facts. I built badpwd.com so you could see not just the user and the source, but also the passwords they're using.

Every time.