🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Check out these lovingly crafted infographics.. I write and optimize these for the community - not myeslf. So you do prefer this approach vs the other ones/or you don't - do let me know!

I've received positive feedback from folk at Internal Blue Teams at various organizations getting value out of it, sparking conversations, etc. Thank you to those reaching out - I greatly appreciate it - and as always I'm all ears for any feedback.

How do you feel about threat intelligence? For those who find it either useful, I’d be damn interested in understanding how you action it. Those who find it useless, why? I’ll hold my opinions back for now..

An excellent, in-depth malware analysis article. Refreshing depth and clarity from Tony/Humpty c-b.io/2025-06-29+-+S… Demonstrably understands Yara's strengths and weaknesses. Take note Florian Roth ⚡️.

Table stakes first. Organizations shouldn't build their security posture around deception. While deception is unique in that it actively engages the adversary - it is no silver bullet, and ultimately another alert. Mature processes must exist prior to deploying deception.

When we got access to Git[Hub,Lab] on Red Teams - it was almost always $$$. So it's pretty awesome to see a couple folk and friends over on my old RT running a training giving away the secret sauce we used to pwn these orgs! Mason Davis wrote up a post on more details on the

x.com/i/article/1941…

Attackers are human too - with deadlines, constraints, and pressure to succeed. If an attacker wants something, give it to them ;) The best deceptions aren't technically impressive - they're believably human. deceptiq.com/blog/understan…

Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…

I'm struggling to understand the economics of lot of these security products built on top or using LLMs. For example, been seeing a few "AI SOC analysts" and been trying to run the numbers in an insanely if everything went well - and it just does not add up in terms of ROI. I'd

We've got a collection of new honey tokens we've r&d'd - some of which I've shared in a public setting. But the stuff I haven't ... makes me so excited. I've ultimtely been solving for one thing. To detect me. be careful on your next red team =D

"If you do not take risks for your ideas you are nothing. Nothing." - Nassim Nicholas Taleb #risk