Greg Foss

This is how it’s supposed to work. This is how everyone levels up while protecting more people/orgs in parallel. More vendors should seek to mimic this type of collaboration. We’re all on the same team…unless you only look at Security as a business, but that’s another tweet :)

🛡️ Launched BinHex.Ninja Security – browser extension blocking ClickFix attacks ✅ Real-time detection ✅ Clipboard protection ✅ Privacy-first & actively developed 📥 binhex.ninja/extension.html 📧 Feedback: re.team@binhex.ninja 🙏 Thanks to all who share anonymous data

#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/6

Tickets are now on sale for our #bsidesboulder annual event on 13 June! Your ticket purchase comes with lunch and a t-shirt. We expect our @KC7cyber CTF workshop will sell out given the limited seats, so get your ticket now. eventbrite.com/e/bsides-bould…

Excited to share that @amrandazz and I will be speaking at @fwdcloudsec in Denver on June 30th! We’ll be diving into the many lessons we’ve learned from a year of threat hunting in the cloud. #patience-brings-prey-lessons" target="_blank" rel="nofollow noopener">fwdcloudsec.org/conference/nor…

Something I'm really proud of: I made it to the number 1 spot on the AWS Vulnerability Disclosure Program Leaderboard! I'm excited to continue helping improve AWS' security posture and help root out categories of vulnerability in AWS services/technologies! hackerone.com/aws_vdp/thanks

My presentation slides "UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior" @REverseConf are available online github.com/binarly-io/Res…

Today our @datadoghq Security Research and Detection Engineering team released our first threat roundup report! Datadog has unique visibility into threat actor activity targeting cloud environments - this report highlights our key findings from Q4 2024. securitylabs.datadoghq.com/articles/2024-…

@greggles That’s a good point - I may follow suit. Mostly on blue sky these days anyways.

@35Foss You're using the app? I uninstalled it and started using browser only a while ago due to concerns of what the app would do with its data access.

@haveibeenpwned 🍿

New breach: Andrew Tate's "The Real World" had 324k email addresses breached last week. Data also included usernames and chat logs. 55% were already in @haveibeenpwned. Read more: dailydot.com/debug/andrew-t…

Long-lived, unmanaged credentials remain a risk across all cloud providers. Learn more in our 2024 State of Cloud Security study: dtdg.co/dd-state-of-cl…

🤝 @datadoghq Cloud Security Management Identity Risks uses #AWSIAM Access Analyzer to further improve the detection of permissions gaps to provide right-sized policy recommendations. Learn more about this integrated solution. go.aws/3A5sbIE

🔎 A guide to threat hunting & monitoring in Snowflake Detecting initial access, defense evasion, persistent access, credential access, data collection, exfiltration With example queries and what to look for in the results By @JulieASparks, @sethsec #best-practices-for-securing-snowflake-environments" target="_blank" rel="nofollow noopener">securitylabs.datadoghq.com/articles/a-gui…

@cci_forensics You will leave behind a lasting positive impact on both the company and the security industry as a whole from your time at Cb. It was a honor working with you and wishing you all the best in your next adventure!

Swee Lai Lee is an extremely talented threat researcher and malware analyst from my team. Laid off after 8 years as part of the Carbon Black acquisition into Broadcom Based in Malaysia, spoke at RSA, analysis writeups, large-scale malware tests against vendor products Hire her!

New from Datadog Security Research! We found a vulnerability in AWS Amplify that exposed IAM roles associated with Amplify projects, making them assumable by anyone in the world! Both the Amplify CLI and Studio had this behavior. securitylabs.datadoghq.com/articles/ampli…

@Frichette_n Very well-deserved. Congrats!!

Some exciting news! I’ve been promoted to Staff Security Researcher! I’ll keep!pushing the boundaries of cloud security :)

New from Datadog Security Research! Analysis of SNS enumeration across AWS led to the takedown of a phishing site that was impersonating the French government in our latest blog: securitylabs.datadoghq.com/articles/tales… #CloudSecurity #AWS #Smishing #Phishing

@AzakaSekai_ @SaveToNotion #thread #apt #china #spyware #leak

#threatintel someone just leaked a bunch of internal Chinese government documents on GitHub github.com/I-S00N/I-S00N/

You know who won't love this video? CrowdStrike youtube.com/watch?v=9kAq-O…