M.Eriksson

225 posts

@Hack3rBot

Business Area Manager Ethical Hacking at Orange Cyberdefense (Swe). Cybersecurity enthusiast. Opinions are my own.

Stockholm, Sweden · Joined February 2022
275 Following · 46 Followers
M.Eriksson (@Hack3rBot):
@Steph3nSims As u say. Job changes, new technology, new risk. First of all, ppl need to realise that during a lifetime you usually change jobs, interests and employees and also careers. It's good. It's normal. You start with cybersecurity and you can end up as a goat farmer :) that's life
Stephen Sims (@Steph3nSims):
I want to share a quick thought for people in cyber security. This will be my longest tweet ever.
I’ve spoken to many lately who are having an existential crisis from the constant posts about “the end of cybersecurity jobs.”
Yes, things are changing quickly. This is a significant moment for the tech industry. Change can be uncomfortable. But we’ve seen cycles like this before.
• When GitHub and open source took off, people said software engineers would disappear because code was free.
• When AWS and cloud computing emerged, people said infrastructure jobs would vanish.
• When fuzzing and SAST tools improved, people said vulnerability research would disappear.
• Virtualization would eliminate infrastructure jobs.
• Mobile computing was going to end desktop dev.
• Exploit mitigations would end exploitability.
It didn't. Each time automation improved, the amount of software grew faster than the automation. It does feel "different" this time as it's explosive.
Some roles will shrink:
• repetitive pentesting
• basic vulnerability scanning
• tier-1 SOC monitoring
But other areas are expanding rapidly:
• AI system security
• supply chain security
• identity architecture
• autonomous agent security
• critical infrastructure protection
Historically, every time we eliminate one class of bugs, new classes emerge. Right now people are vibe-coding entire systems, giving AI access to their machines, crossing trust boundaries, and deploying autonomous agents with excessive permissions. The legal and regulatory world is nowhere close to ready. There will absolutely be new failure modes.
Humans are amazing and always adapt, finding new ways to do things. The worst thing you can do right now is fall into a doom loop.
...and I’ll be honest, I too have felt the "psychological paralysis" a few times thinking, “Is this time different?” It's especially impactful when it comes from someone I respect in the community.
There are certainly unknowns, in an industry where we've become accustomed to predictability. But... the majority of those reactions are usually driven by social media, not reality. Platforms like X reward engagement, and sensational doom posts spread faster than measured thinking.
If you see something like: “Holy #$%^! Opus 66.6 just found every bug in Chrome and replaced 50 startups!” …mute it and move on.
Instead: Stay curious. Learn the new technology. Adapt your skillsets. Build things.
We’ll get through this transition the same way we always have. If I'm wrong then Sam Altman better be right about UBI! :)
I'm sure that if this tweet gets any engagement that I'll get some heat for it, but a good friend of mine reminds me often to focus on what you have control over. I'll revisit this tweet at DEF CON 40!
JS0N Haddix (@Jhaddix):
I actually just evaled micro architecture, even on 4.6 it is still much better. One trick I’ve learned is for the skills to run in folders and to write its chain of thought to a file for the next skill to consume and evaluate. The new context trick is way more powerful than anyone talks about. lme 🤷🏻‍♂️
M.Eriksson (@Hack3rBot):
@TurvSec @RRR08t @offsectraining Yes, only problem is a lot of AI testing can, needs and should be done with frameworks and automated. So imposing too many restrictions makes the exam unrealistic.
Luke Turvey (@TurvSec):
@RRR08t @offsectraining I am curious to know how offsec will combat people just using these kinds of tools to pass the exam. I expect it may be similar to the OSCP where you're only allowed to use metasploit once.
Luke Turvey (@TurvSec):
Who's going to take this @offsectraining OSAI+ then? Tempted to buy it. Can't go wrong with an OffSec cert
M.Eriksson (@Hack3rBot):
@TurvSec @offsectraining Need to know more about the exam, need also to know how fast will modules update? Will the certification be redundant in a year? (The area is moving fast). Guess now they are up to date but if taking it in 6 months?
M.Eriksson retweeted
Nick VanGilder (@nickvangilder):
Behind the scenes footage
M.Eriksson (@Hack3rBot):
@Steph3nSims @jon__reiter Good that you lift the problem. I think it's important highlighting that burnout is not fixed with 1 or 2 weeks of vacation. It's a serious condition and a long way back from. I got two relatives that burned out completely, both took closer to a year getting back to functional.
M.Eriksson retweeted
Dunstable Toblerone (@DunstableToble1):
@UK_Daniel_Card Reminds me of something I read the other day. There's a lot of money to be made in making cyber seem over complicated.
M.Eriksson retweeted
mRr3b00t (@UK_Daniel_Card):
THE AIR GAP! (this is not a joke, I have seen multiple companies say they have an air gapped OT environment with this architecture pattern)
M.Eriksson retweeted
Aurélien Chalot (@Defte_):
If u had issues relaying the ADCS server to itself via the NTLM reflection exploit via ntlmrelayx, it's now fixed github.com/fortra/impacke… :)
M.Eriksson retweeted
Koidex (@GetKoidex):
🚨 We've uncovered the first malicious MCP server in the wild. It was only a matter of time. The postmark-mcp npm package (1,500+ weekly downloads) has been backdoored since v1.0.16 - silently BCCing every email to the attacker's server. The developer built trust through 15 legitimate versions, then added one line of code that compromised everyone. When confronted, they deleted the package to cover tracks, but existing installations are still actively leaking emails. If you're using postmark-mcp, uninstall it NOW. This is what happens when we give anonymous developers god-mode access to our AI assistants with zero security controls.
Marcus J. Carey (@marcusjcarey):
Unpopular opinion: The IT and cybersecurity certification market is saturated and many of them have totally lost their value.
M.Eriksson retweeted
Orange Cyberdefense (@orangecyberdef):
✨ Rome, are you ready for cyber-spaghetti time🍝? On 27 September, our very own Leon Jacobs, CTO for SensePost – the ethical hacking arm of Orange Cyberdefense – will take the stage at Cyber Saiyan / RomHack Conference, Training and Camp 2025! 🎤💻 It’s his first #RomHack, and with an epic lineup of talks and speakers, this one is going to be 🔥. Don’t miss Leon's talk: "7 Vulns in 7 Days: Breaking Bloatware Faster Than It’s Built." 👉 Register today: ow.ly/SQ4450WRNVM #RomHack2025 #CyberSecurity #EthicalHacking #OrangeCyberdefense #SensePost
M.Eriksson (@Hack3rBot):
@vxunderground It's more money in selling courses than in working as a tester/analyst. And I guess ppl are cashing out now before it implodes.
vx-underground (@vxunderground):
Peace and love to my information security colleagues But GOD DAMN, do ALL of you need to make a fucking course? How many courses do we actually need? Dawg, I see so many of you trying to sell your courses. You can't do ANYTHING else other than prey on the noobs? Holy cannoli
M.Eriksson retweeted
Alex Neff (@al3x_n3ff):
QOL: Introducing NetExec module categories 📚 With NetExec’s rapid growth, the number of modules has increased significantly. To give a clearer overview, I’ve added categories. It’s a “best fit” approach, so not perfect, but should give a better idea of what’s available.
M.Eriksson (@Hack3rBot):
@0xdf_ Congratulations and hope to see some more htb boxes just for fun. You have helped a lot and are an inspiration. My favorite youtuber
0xdf (@0xdf_):
5 years ago, I spent a lot of my free time playing HackTheBox (and other CTFs). It was a dream come true when HTB offered me a position. Leaving a stable job was a bit scary, but at the end of the day, how could I say no to the thing I wanted to spend so much time doing. 1/6
M.Eriksson (@Hack3rBot):
Would really like if more ppl lift the importance of soft skills in the field and understanding the business side of things. Discussions like: clients may not have infinite budget for a test, leading into how to handle rabbit holes, and being able to give recommendations despite not a complete "picture", why some lesser "cool" stuff is necessary aka automations. Just so new to the field get real world expectation :) @_JohnHammond @NetworkChuck @davidbombal