
Posts by Steve YARA Synapse Miller


If you need me I'll be in the Andromeda Galaxy

6 months ago 6 1 1 0

Hang on gotta pump up the valuation so my series B folks can exit

9 months ago 2 0 0 0

Those of you building modern edge devices, packet tools, network sensors, SSL decrypt, Suricata, etc -- it'll be a couple years yet, but your day will come again. Slow and steady like erosion, the attention, the investment, the market will come crawling back to you.

9 months ago 5 0 1 0

Imo the security product market is almost always a decade behind needs, but over time ends up being pulled to meet the adversary where they are operating. In the 2010s the market came late to the endpoint, in the 2020s late to the cloud, in the 2030s it'll be back to the network.

9 months ago 6 0 2 0

Summer of George

10 months ago 9 1 1 0

I'll give it a top 10 :D

10 months ago 2 0 0 0

My top 5 movies about ~hacking probably say more about my age than anything else, but still:

#1 - Hackers (1995)
#2 - War Games (1983)
#3 - Johnny Mnemonic (1995)
#4 - Ghost in the Shell (1995)
#5 - Office Space (1999) <- surprisingly full of hacks

10 months ago 14 0 5 0

True Lies

11 months ago 1 0 0 0

The Wire, but a cybercrime version of it

11 months ago 4 1 1 0

imo, great defenders think like attackers
and great attackers think like defenders
and great security folks think like both
and great intelligence folks think like neither
beep boop
computers

11 months ago 10 1 0 0

I used to secretly judge folks that don't *love* music. But I learned that not everyone has the same ability to _detect_ musical features (pitch, rhythm, harmony etc). This happens not in the ear but in the brain. W/ diff neuro wiring & genes, folks don't always hear what I hear.

11 months ago 2 0 0 0

"The game is out there, and it's either play or get played." - Omar

1 year ago 1 0 0 0

Which of the Warhammer 40K races and factions should I get into? Sisters of Battle? Space Wolves? Henry Cavill?

1 year ago 1 0 0 0
Windows Remote Desktop Protocol: Remote to Rogue | Google Cloud Blog A novel phishing campaign by Russia-nexus espionage actors targeting European government and military organizations.

Really neat exposé on RDP tradecraft to include signed .rdp configs, resource redirection, RemoteApps and probably PyRDP.

cloud.google.com/blog/topics/...

1 year ago 12 3 1 0

Excellent breakdown of the “Rogue RDP” TTP we’ve seen susp Russian APT UNC5837 using in their campaigns written by my colleague Rohit (@IzySec over on X)

1 year ago 16 8 0 0

Windows Remote Desktop Protocol: Remote to Rogue
cloud.google.com/blog/topics/...

1 year ago 3 1 0 0

"NIST to purge 'wasteful' algorithms, return to using DES"

1 year ago 1 0 0 0

gorge

1 year ago 1 0 0 0

We most definitely trained at the same dojo! And lots of folks rotated through it over the years; I think there is a hybrid 100DoY-fu slowly developing :D

1 year ago 1 0 0 0
MalChela – A YARA and Malware Analysis Toolkit written in Rust Saturday was for Python. Sunday was for Rust. After my success with the Python + YARA + Hashing, I decided to take things to the next level. Over the past few years I've created a number of Python and PowerShell scripts related to YARA and Malware Analysis. What if I combined them into a single utility? While we're at it, let's rewrite them all from scratch in Rust.

Introducing MalChela. A YARA and Malware Analysis utility written in Rust. #DFIR #MalwareAnalysis #YARA #Hashing

1 year ago 7 3 0 0

Seeing these scripts run brings me joy. #DFIR #MalwareAnalysis #Python #YARA

1 year ago 8 3 0 0
Creating custom hash sets with YARA and Python I don't like to brag, he said, but you should see the size of my malware library. For a recent project, I wanted to produce a hash set for all the malware files in my repository. Included in the library are malware samples for Windows and other platforms. Within the library there are also a lot of pdf's with write ups corresponding to different samples.


1 year ago 9 2 0 1

Do not despair, my friends, the only way out is through;
And the climate will probably kill us all pretty soon anyway

1 year ago 10 0 2 0

One rule's FP is another rule's FN.

1 year ago 4 0 0 0

SSH is the cyber blood magick of both the world's most stalwart orgs and the world's toughest adversaries.

1 year ago 1 0 0 0

You’re an MSS or SVR cyber targeter who’s spent years trying to find an access vector into SPS/PAM; then suddenly a pack of high-profile, right-wing, edgelord zoomers — who will definitely click on any link they think will get them laid — just get admin access. Prepositioning acquisition speedrun.

1 year ago 63 14 1 1

American companies have been giving my data to China for a decade. I don't see why I shouldn't have the option to just give it to them myself.

1 year ago 1 0 0 0

For those reasons and more, I've been slowly dialing back Amazon altogether in favor of other things. Hoping to cancel Prime by next year. Just a terrible shopping experience.

1 year ago 3 0 0 0

Years of mediocre gen AI commodities will birth a generation of neo-luddites who refuse to delegate the joys of art, music, writing & human connection to machines. They'll sketch, read human-gen pBooks, buy vinyls at concerts, share hand-written original pre-trend non-memes.

1 year ago 2 0 1 0

If you want to test out my YARA rule linting work use this PR: github.com/VirusTotal/y...

If you want to get the basic gist of it, this config file change has documentation on it: github.com/VirusTotal/y...

Just set it in your config file and use "yr check" for now.

Happy #100DaysOfYARA. ;)

1 year ago 15 6 1 0