plug

@ImposeCost Congrats, keep empowering folks and shaping TI at Google!

Listen, Head of Research and Discovery (RAD) was a pretty dope title. But today I'm pleased to announce I was selected to be Head of Global Signals Operations for Google Threat Intelligence Group. I would say this is the most significant role change since joining Mandiant.

@ImposeCost Nah, I been giving coins at conferences for years. I remember sending one your way a few years back via @ItsReallyNick I don’t get challenged that often but doesn’t matter. Ultimately, I make my coins and I get to choose how and to whom to give them!

Do people ever get mad about the "militarization" of cybersecurity due to the prolific use of challenge coins?

There are individuals that you meet in your life that leave a mark, not just for their kindness & care, but for their humbleness & friendship. @d0ublebind is such individual and more! Please consider donating and send him lots of love ❤️ gofundme.com/f/aarons-fligh… #FuckCancer

@gnuowned Muchas felicidades, les deseo lo mejor del mundo!

Oigan, pos entre tanto viaje, que tu que yo, ya no les conté, pero pues pasaron cosas.

@Cyb3rWard0g ¡Felicidades!, con todo y siempre para adelante , saludos Roberto!

✨ Big news! Today was my first day at #NVIDIA! 🤖 💚 After a short but much-needed break, I’m super excited to share that I’ve joined NVIDIA to help drive internal research efforts focused on autonomy and the development of agentic systems for security operations 🔥. It’s only Day 1️⃣, but I’m already inspired by the mission, the possibilities, and the depth of work happening across the organization. I have a few research ideas I’m excited to explore, and I can’t wait to connect with other teams to learn, understand how everything connects, and explore opportunities to collaborate ⚔️. #NVIDIAlife More soon… but for now, just feeling grateful and excited for what’s ahead 💚 🚀

@v3rbaal @JonSelman @defcon Congratulations, looking forward to meet Hunter!

Hey fam, it’s been a minute… I tend to not share my personal life much, but here’s the cause into my lack of online existence. This is Hunter, as in Threat Hunter, also known as Buck3t, and yes @JonSelman and I will be bringing him to @defcon 33 in a matching Goon onesie! 👶

@Cyb3rWard0g Felicidades Roberto! Te deseo lo mejor en tu nueva aventura profesional, saludos!

After 5+ amazing years at Microsoft ❤️ , I have made the difficult decision to take on a new opportunity. This was not an easy choice, but as I continue to grow in my career, I am excited to take the next step and keep learning in this amazing field 🤖 . When I joined Microsoft in 2020, I immediately felt at home. I had the chance to work alongside some of the most brilliant researchers and supportive managers, which made this an incredible experience from the start. Over the years, I have always felt valued, encouraged to stay curious, and given the freedom to explore new areas of research 🚀 . That journey led me to the intersection of LLM-based agentic systems and cybersecurity, a space I have become deeply passionate about. I am truly grateful for everything I have learned and for the amazing people I have met along the way. Many of them have become great friends, and I will always appreciate the memories we created together. While it is bittersweet to leave such a fantastic team, I am thankful for all the support and encouragement as I take on this next challenge 🙏 . For now, I am taking a few weeks off to recharge, finish writing a blog post (maybe even release a few more things open-source! 😉 ), and I will share what’s next soon 😎 . Thank you to everyone who has been part of this journey ❤️ . I am excited for what comes next! @LeahLease @JohnLaTwC @drhyrum @moo_hax @fromsteph2u @ManuelBerrueta @DrAzureAD @stromcoffee @ashwinpatil @assumebreach @_sarahyo @Pawp81 @mvelazco @rdheeko @MassRelay @NMspinach @davidjustodavid @MalwareRE @holisticinfosec @ianhellen @PrakashAjeet @russmcsec @PhilipTsukerman ...and so many others who have made an impact along the way ❤️ .

If you are looking for very skillful, knowledgeable, and great human beings for your Red Team, please consider @Salbei_ and @Micheal_merrill I worked with them for many years and with confidence can say that your team will greatly improve with them!

@jrozner What an amazing journey, thank you for all the hacks and epic stories, you all transformed and left a mark in the org!

After 6 years our offensive security team is shutting down and today is my last day at Yahoo. It’s been a great ride and couldn’t have asked for a better team to work with.

@_MG_ @MischiefGadgets Going to miss our chats, thank you for being awesome!

Some personal news: I’ll be pausing my Corp Red Team work starting now & focusing on projects under the OMG/@MischiefGadgets umbrella. I have no idea what will happen! I was (& still am) planning on seeing how long I could simply NOT do anything. But some things dropped in my lap that push me far outside my comfort zone, which obviously means I had to do them. Shout out to the crew!

@ImposeCost Doubt it, he is about to make lots of $$ with his WLFI business aided by the new crypto regulations with the creation of DOGE. He is a businessman man first; we all know it.

Last year we used JuiceShop with a twist during our CTF. If you want to learn more about bug bounty and app security Juice Shop is a fun way to get started!

This, get familiar with your logs and how they can help you find this much more practical and likely scenario. Then, have a documented plan on how to respond and mitigate!

@birchb0y @stuartjash Congrats Alden, you rock dude!

@ImposeCost We have this type of conversations in the form of Panels at @BlueTeamVillage. If you are down, we can organize something for next year!

@obnoxious4n6 Congrats, keep on rocking!

Got a recent promo (imo) and I’m super excited for it. It’s a big step for me professionally and I’m looking forward to learning and being better to help support my peers. > but I still get asked by “senior” people in the industry if I’m able to finally fix their printers.

@Cyb3rMonk Neither! A detection needs to trigger as close as possible to real time and should be as high confidence as possible, anything else needs further review and/or tuning!

Which one do you prefer? - A detection that fires an alert after 1 hour when something happens but generates lots of FPs. - A detection that fires an alert after 1 day when something happens but generates few or no FPs. Why? #threathunting

Just in case, not bashing on them. Things happen and we all learn from them. But it was a good opportunity to highlight the choice of words on the tweet. The report released lacks the details many us were probably expecting, but is short and on point for what it is.

Great use of the word likely in context of an investigation for which data may not be conclusive. When not fully sure, likely is a good word to choose. Their 2nd tweet tells the story, it was 2FA, the lack of it, plus “likely” an easy to guess password… Kudos for the report!

@jfslowik There is a great documentary on both Concorde & TU-144 detailing the spionage that took place & the failures by the RU Unlike the TU-144, the Concorde demise is linked to 911. On 911 the revised, post accident Concorde flew 4 the 1st time. Upon landing the crew learned of 911!

Someone buy the Russian ambassador to South Africa a LEGO set