Advertisement · 728 × 90
#
Hashtag
#CyberResearch
Advertisement · 728 × 90
@cyberresearch.bsky.social
1 day ago
TrustedSec Livestream - AMA: Detection Engineering in 2026 and Beyond with John Dwyer
TrustedSec Livestream - AMA: Detection Engineering in 2026 and Beyond with John Dwyer Join TrustedSec and Binary Defense for an exclusive live Ask Me Anything session with John Dwyer, Deputy CTO and Head of ARC Labs at Binary Defense, as he dives deep into Detection Engineering in 2026 and beyond. This interactive livestream is your opportunity to get expert insights on the latest threats, detection strategies, and the future of security operations directly from one of the industry's leading voices. Come prepared with your questions and walk away with actionable knowledge to sharpen your detection capabilities.

Originally from From TrustedSec: TrustedSec Livestream - AMA: Detection Engineering in 2026 and Beyond with John Dwyer ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 day ago
Grimoire: Because Your Cloud Logs Shouldn't Be More Mysterious Than Actual Magic | Andrew Krug
Grimoire: Because Your Cloud Logs Shouldn't Be More Mysterious Than Actual Magic | Andrew Krug Grimoire: Because Your Cloud Logs Shouldn't Be More Mysterious Than Actual Magic Presenter: Andrew Krug Join us for a hands-on Network Threat Hunting session focused on proactive cybersecurity and real-world detection skills. In this training, we break down the core concepts of threat hunting, key methodologies, and how to identify suspicious network activity before it becomes an incident. You will dive into practical use cases, learn how to recognize malicious traffic, and work with open-source tools like Zeek, Suricata, and an enterprise SIEM to uncover hidden threats. If you want to strengthen your cybersecurity skills, improve network defense, or gain real experience with threat hunting tools, this session is built for you. Chapters: 00:00 – Intro: Grimoire & The Problem with Cloud Logs 03:07 – Why Detection Engineering Is Hard (Pyramid of Pain) 06:11 – Real-World Detection Challenges in Cloud Environments 09:11 – The Importance of Centralizing Logs 12:13 – Why Existing Logging Approaches Fall Short 15:15 – Treating Detections Like Code (CI/CD for Security) 18:16 – Testing Detections: From Cold Start to Execution 21:19 – Working with Structured Logs & JSON Data 24:22 – AWS Policies, Permissions & Detection Requirements Enroll now for Andrew Krug’s upcoming training: Securing the Cloud: Foundations 📅 April 1, 2026 @ 10:00 AM EDT 🔗 https://www.antisyphontraining.com/product/securing-the-cloud-foundations-with-andrew-krug/ Who is this course for? Blue teamers, system administrators, network admins, DevSecOps professionals, first responders—or anyone looking to build a strong foundation in AWS cloud security. Whether you’re pivoting into the cloud or expanding your expertise across cloud security domains, this course is designed to get you there. Sign Up for the next WWHF Want more hands-on cybersecurity training? Register for this year’s Wild West Hackin Fest and get access to workshops, live labs, and sessions taught by industry practitioners. Secure your spot and level up your defensive and offensive skills at one of the most respected community focused security conferences. https://wildwesthackinfest.com/register/ #CyberSecurity #ThreatHunting #NetworkSecurity #Zeek #Suricata #SIEM #BlueTeam #DetectionEngineering #CyberDefense #WWHF #Hackers #InfoSec ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Grimoire: Because Your Cloud Logs Shouldn't Be More Mysterious Than Actual Magic | Andrew Krug ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 day ago
BHIS - Talkin' Bout [infosec] News 2026-03-30
BHIS - Talkin' Bout [infosec] News 2026-03-30 Join us LIVE on Mondays, 4:30pm EST. A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team. https://bhisnews.transistor.fm Chat with us on Discord! - https://discord.gg/bhis 🔴live-chat 🔗 Register for FREE webcasts, summits, and workshops - https://poweredbybhis.com Brought to you by: Black Hills Information Security https://www.blackhillsinfosec.com Antisyphon Training https://www.antisyphontraining.com/ Active Countermeasures https://www.activecountermeasures.com Wild West Hackin Fest https://wildwesthackinfest.com #livestream #infosec #news #BHIS #podcast #Cybersecurity #infosecnews

Originally from BHIS: BHIS - Talkin' Bout [infosec] News 2026-03-30 ( :-{ı▓ #BlackHillsInfoSec #cybersecurity #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 day ago
Preview
Infostealers Doesn’t Discriminate: 10,000 Logs Show Who’s Getting Hit By Olivier Bilodeau and Andréanne Bergeron What does a director at a 1,000+ employee US telecom company, a hotel reception desk computer, and a threat actor all have in common? They were all victimized by information stealer malware, and their computers’ most critical data is now being sold on the dark web. Infostealer malware is […] The post Infostealers Doesn’t Discriminate: 10,000 Logs Show Who’s Getting Hit appeared first on Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime.

Originally from Flare: Infostealers Doesn’t Discriminate: 10,000 Logs Show Who’s Getting Hit ( :-{ı▓ #flare #CTI #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 day ago
Preview
Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8561 A look at how Kubernetes CVE-2020-8561 works

Originally from DataDog: Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8561 ( :-{ı▓ #cloudsecurity #datadog #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 days ago
Preview
Scarlet Goldfinch’s year in ClickFix How Scarlet Goldfinch ditched its fake updates lure and adopted ClickFix, or "paste and run," in 2025 and beyond.

Originally from Red Canary: Scarlet Goldfinch’s year in ClickFix ( :-{ı▓ #threatintel #redcanary #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 days ago
Mile High 2026 | Sponsor Interview Compilation
Mile High 2026 | Sponsor Interview Compilation We had some great conversations with our sponsors at Wild West Hackin’ Fest | Mile High 2026. Here are a few of our favorite moments from those interviews. A big thank you to Beacon Security, CLA, Flare, Fortra, Fox Pick, ISSA Denver, LimaCharlie, and Red Siege for taking the time to sit down with us and share their insights. Want to be part of Wild West Hackin’ Fest? Become a sponsor: https://wildwesthackinfest.com/become-a-sponsor/ ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Mile High 2026 | Sponsor Interview Compilation ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 days ago
Preview
Leak Bazaar: Inside the New Criminal Platform Turning Stolen Data Into a Structured Marketplace By Tammy Harper, Senior Threat Intelligence Researcher On March 25th, 2026, user Snow from SnowTeam published an advertisement for a new kind of Leak Site concept on the Russian-speaking TierOne forum. The new service is called “Leak Bazaar” and appears to be an evolution in the extortion game. What stood out to me about Leak […] The post Leak Bazaar: Inside the New Criminal Platform Turning Stolen Data Into a Structured Marketplace appeared first on Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime.

Originally from Flare: Leak Bazaar: Inside the New Criminal Platform Turning Stolen Data Into a Structured Marketplace ( :-{ı▓ #flare #CTI #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 days ago
Preview
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This post reviews TTPs, IOCs, and mitigation guidance. The post Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft appeared first on Microsoft Security Blog.

Originally from MS Threat Intel: Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft ( :-{ı▓ #CTI #cybersecurity #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 days ago
Preview
Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government Unit 42 uncovers multiple clusters of cyberespionage targeting a Southeast Asian government organization with USBFect, RATs and loaders. The post Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government appeared first on Unit 42.

Originally from Unit 42: Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government ( :-{ı▓ #unit42 #threathunting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 days ago
Preview
Policy as Code: Stop Writing Policies and Start Compiling Them The Problem Nobody Wants to Talk AboutLet me paint a picture most security leaders will recognize.You have 30+ policies living as Word documents on SharePoint. Half of them have filenames like…

Originally from TrustedSec: Policy as Code: Stop Writing Policies and Start Compiling Them ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 days ago
Preview
Lessons From A Chatbot Incident Real-world account of how insecure databases and an AI chatbot left customer data exposed and how it could have been prevented. The post Lessons From A Chatbot Incident appeared first on Black Hills Information Security, Inc..

Originally from BHIS: Lessons From A Chatbot Incident ( :-{ı▓ #BlackHillsInfoSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 days ago
Preview
North Korean IT Worker Employment Fraud: What Security Teams and HR Need to Know North Korean IT workers (NKITW) are infiltrating companies across North America and Western Europe through job applications. Joint research from Flare and IBM X-Force reveals the inner workings of a sprawling operation in which skilled IT professionals use fake identities to land remote jobs, funneling salaries back to the DPRK regime. This is a close […] The post North Korean IT Worker Employment Fraud: What Security Teams and HR Need to Know appeared first on Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime.

Originally from Flare: North Korean IT Worker Employment Fraud: What Security Teams and HR Need to Know ( :-{ı▓ #flare #CTI #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
4 days ago
AI is Exploring The Deep Blue CVEs - Security Noise Ep 8.12
AI is Exploring The Deep Blue CVEs - Security Noise Ep 8.12 Let's find a CVE! On this episode of Security Noise, we explore the cutting-edge use of AI in vulnerability research, exploit development, and cybersecurity defense. Guests Christopher Paschen, Research Practice Lead at TrustedSec, and Principal Security Consultant Justin Bollinger sit down with Geoff and Skyler to discuss how frontier AI models are transforming security practices, the ethical implications, and the future of AI-driven hacking and defense. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Originally from From TrustedSec: AI is Exploring The Deep Blue CVEs - Security Noise Ep 8.12 ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
4 days ago
Preview
Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team Unit 42 identifies a recruitment phishing campaign targeting senior professionals via impersonation and fraudulent resume fees. The post Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team appeared first on Unit 42.

Originally from Unit 42: Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team ( :-{ı▓ #unit42 #threathunting #cyberresearch

0 0 1 0
@cyberresearch.bsky.social
4 days ago
Preview
Detecting and responding to GreenBlood ransomware with Wazuh GreenBlood ransomware is a Go-based ransomware family that has recently emerged in the threat landscape, targeting Windows environments while employing a double-extortion model. The malware is engineered for high-speed execution and parallel file encryption, leveraging the performance and portability benefits of a compiled, statically linked language. This design allows GreenBlood to rapidly impact infected systems […] The post Detecting and responding to GreenBlood ransomware with Wazuh appeared first on Wazuh.

Originally from Wazuh: Detecting and responding to GreenBlood ransomware with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
4 days ago
Preview
LiteLLM compromised on PyPI: Tracing the March 2026 TeamPCP supply chain campaign On March 24, 2026, two PyPI releases of LiteLLM were published with malicious code. We trace the full TeamPCP supply chain campaign from Trivy through npm, Checkmarx, and into LiteLLM.

Originally from DataDog: LiteLLM compromised on PyPI: Tracing the March 2026 TeamPCP supply chain campaign ( :-{ı▓ #cloudsecurity #datadog #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
5 days ago
Preview
Building a Detection Foundation: Part 4 - Sysmon Filling the Gaps Native Logging Can'tAt this point in our series, we have Windows Security events capturing logon sessions and process creation, and PowerShell logging capturing script execution. That's a…

Originally from TrustedSec: Building a Detection Foundation: Part 4 - Sysmon ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
5 days ago
Preview
Google Authenticator: The Hidden Mechanisms of Passwordless Authentication Explore Google’s synced passkey architecture. Unit 42 details its mechanisms, key management, and secure communication in passwordless systems." The post Google Authenticator: The Hidden Mechanisms of Passwordless Authentication appeared first on Unit 42.

Originally from Unit 42: Google Authenticator: The Hidden Mechanisms of Passwordless Authentication ( :-{ı▓ #unit42 #threathunting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
5 days ago
Preview
Enriching Wazuh vulnerability detection with Google Gemini integration Organizations constantly struggle with vulnerabilities affecting operating systems, applications, and third-party software. These weaknesses expand the attack surface and can be exploited by attackers to compromise the confidentiality, integrity, or availability of systems. Wazuh offers vulnerability detection capability that identifies vulnerabilities in systems and software. However, security analysts must also determine a vulnerability’s exploitability, potential […] The post Enriching Wazuh vulnerability detection with Google Gemini integration appeared first on Wazuh.

Originally from Wazuh: Enriching Wazuh vulnerability detection with Google Gemini integration ( :-{ı▓ #wazuh #siem #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
6 days ago
Preview
Detecting and responding to Cephalus ransomware with Wazuh Cephalus ransomware surfaced in mid-August 2025 and quickly attracted attention for its stealth and operational precision. The threat actors demonstrate a clear financial motivation and rely on initial access vectors. They exploit weak or exposed Remote Desktop Protocol (RDP) configurations, particularly targeting accounts lacking Multi-Factor Authentication (MFA) protection, to gain unauthorized access. Cephalus ransomware targets […] The post Detecting and responding to Cephalus ransomware with Wazuh appeared first on Wazuh.

Originally from Wazuh: Detecting and responding to Cephalus ransomware with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
6 days ago
Preview
Week 12 – 2026 Mobile Forensics Cheatsheet Mobile devices track vast amounts of user activity—often a goldmine of forensic evidence: – Device information– Application usage– Bluetooth and Wi-Fi connections– …and other events, often paired with timestamps Our cheatsheet categorizes these records and maps them to exact locations in iOS and Android extractions. Download Belkasoft’s free cheatsheet for mobile system […]

Originally from This Week in 4n6: Week 12 – 2026 ( :-{ı▓ #dfir #incidentresponse #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
BHIS - Talkin' Bout [infosec] News 2026-03-23
BHIS - Talkin' Bout [infosec] News 2026-03-23 Join us LIVE on Mondays, 4:30pm EST. A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team. https://bhisnews.transistor.fm Chat with us on Discord! - https://discord.gg/bhis 🔴live-chat 🔗 Register for FREE webcasts, summits, and workshops - https://poweredbybhis.com Brought to you by: Black Hills Information Security https://www.blackhillsinfosec.com Antisyphon Training https://www.antisyphontraining.com/ Active Countermeasures https://www.activecountermeasures.com Wild West Hackin Fest https://wildwesthackinfest.com #livestream #infosec #news #BHIS #podcast #Cybersecurity #infosecnews

Originally from BHIS: BHIS - Talkin' Bout [infosec] News 2026-03-23 ( :-{ı▓ #BlackHillsInfoSec #cybersecurity #cyberresearch

1 0 0 0
@cyberresearch.bsky.social
1 week ago
Preview
Iranian Cyber Threat Evolution: From MBR Wipers to Identity Weaponization The evolution of Iranian cyber operations in broad context: from custom wiper malware to misuse of legitimate admin tools and more. The post Iranian Cyber Threat Evolution: From MBR Wipers to Identity Weaponization appeared first on Unit 42.

Originally from Unit 42: Iranian Cyber Threat Evolution: From MBR Wipers to Identity Weaponization ( :-{ı▓ #unit42 #threathunting #cyberresearch

2 1 0 0
@cyberresearch.bsky.social
1 week ago
Preview
Open source software as the future of cybersecurity  Open source software makes its source code publicly available, allowing anyone to inspect, audit, and improve it. This transparency creates verifiable trust, where security claims can be independently validated by a global community instead of taken on faith. Open source licenses give users full control to understand, customize, and extend the software to meet their […] The post Open source software as the future of cybersecurity  appeared first on Wazuh.

Originally from Wazuh: Open source software as the future of cybersecurity  ( :-{ı▓ #wazuh #siem #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
AI isn't Skynet, it's a really fast search engine #ai #podcast #terminator
AI isn't Skynet, it's a really fast search engine #ai #podcast #terminator Skip the sci-fi narrative—AI is a tool, and a powerful one at that. The real advantage goes to those who know how to use it intentionally. Watch the full Security Noise podcast episode "IR Evolve" now: https://youtu.be/D4mkj2M1aT0

Originally from From TrustedSec: AI isn't Skynet, it's a really fast search engine #ai #podcast #terminator ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Archaeologist of the Dark Web - Because Manual Dark Web OSINT is So Last Season | Apurv Singh Gautam
Archaeologist of the Dark Web - Because Manual Dark Web OSINT is So Last Season | Apurv Singh Gautam Archaeologist of the Dark Web - Because Manual Dark Web OSINT is So Last Season Presenter: Apurv Singh Gautam Dark Web OSINT and cyber threat intelligence investigations can get overwhelming fast. Investigators deal with endless onion links, unreliable marketplaces, scattered search engines, and constant time pressure. This talk introduces Robin, an AI powered Dark Web OSINT tool built to streamline and speed up your entire investigative workflow. Robin automatically searches multiple Dark Web search engines, scrapes relevant onion sites, validates results, and uses AI to produce clear, actionable summaries. No more juggling multiple tools or wasting hours checking dead links. In this session, we break down the biggest challenges in Dark Web OSINT, how Robin’s architecture works, and how its scraping and summarization pipeline fits into real world CTI and investigation workflows. If you work in OSINT, CTI, cyber investigations, threat intelligence, or Dark Web research, this talk gives you a practical tool you can start using immediately and a clearer understanding of how AI can simplify the investigative process. 00:00 Introduction – Robin: AI-Powered Dark Web Investigation Tool 01:53 Agenda – Dark Web OSINT, Existing Tools & Demo 02:37 Why Dark Web Investigation Matters for Threat Intel 04:01 Existing Dark Web OSINT Tools & Their Limitations 05:25 Why Build Robin? Combining Tools with AI 06:14 Introducing Robin – AI-Powered Dark Web OSINT Tool 07:00 Robin Architecture Overview 13:10 Prompt Engineering for Threat Intelligence Analysis 16:21 Investigation Summary Output Structure 18:23 Live Demo – Running Robin via Docker & Web UI 21:36 Search Results and Investigation Output 24:50 Using the Output for Threat Intelligence Reports 26:20 Future Features and Improvements 27:55 Project Credits & Inspiration 29:00 Audience Q&A Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/wild-west-hackin-fest-mile-high-2026/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #OSINT #DarkWeb #ThreatIntelligence #CTI #CyberSecurity #OnionSites #AItools #InvestigationTools #InfoSec #WWHF #CyberThreats ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Archaeologist of the Dark Web - Because Manual Dark Web OSINT is So Last Season | Apurv Singh Gautam ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Preview
Everyone is finding vulns. The hard part is proving them. LLMs are a genuine leap forward for vulnerability discovery. Anthropic reported 500+ zero-days from Opus 4.6 and OpenAI's Codex Security discovered 14 CVEs across projects like OpenSSH and GnuTLS. If you've experimented with LLMs for security testing, you've probably been impressed too. The practical reality for a security team deploying AI is messier than the headlines or early POC results suggest. Noise compounds fast. Anthropic brought in external security researchers to help validate the vo

Originally from ProjectDiscovery: Everyone is finding vulns. The hard part is proving them. ( :-{ı▓ #projectdiscovey #bugbounty #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Proxy Execution with Microsoft Edge WebView2 w/ Matthew Eidelberg
Proxy Execution with Microsoft Edge WebView2 w/ Matthew Eidelberg 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com How do sideloading techniques work in today’s runtime environment? Join us for a free one-hour BHIS webcast with Matthew Eidelberg on proxy execution via Microsoft Edge WebView2. Matthew will break down techniques that blur the line between legitimate app behavior and malicious activity, showing how shared runtime components are changing execution and detection boundaries. You’ll learn how traditional sideloading concepts apply in modern environments, how WebView2 is increasingly embedded across the ecosystem, and how attackers can exploit it to bypass common detection methods. Chat with your fellow attendees in the Antisyphon Discord server: https://discord.gg/bhis in the #🔴live-chat channel

Originally from BHIS: Proxy Execution with Microsoft Edge WebView2 w/ Matthew Eidelberg ( :-{ı▓ #BlackHillsInfoSec #cybersecurity #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Preview
10 Can’t-Miss RSAC 2026 Sessions  We are heading to San Francisco in a few days for RSAC 2026 and we’re excited to meet with you. Our cybersecurity researchers are presenting sessions about infostealers, cloud-native malware, and victim profiling in the infostealer malware economy. We’ve compiled their three sessions along with six others we’re looking forward to.  RSA 2026 · The […] The post 10 Can’t-Miss RSAC 2026 Sessions  appeared first on Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime.

Originally from Flare: 10 Can’t-Miss RSAC 2026 Sessions  ( :-{ı▓ #flare #CTI #cyberresearch

0 0 0 0