hogfly 🌻

4.4K posts

@4n6ir

Joined June 2014
95 Following, 1.1K Followers
Pinned Tweet
hogfly 🌻@4n6ir·
Threat hunting defined: The application of novel and clever methods intended to create space and time for organizations to defend themselves through: increased rates of contact; degraded will of the threat; control, influencing or severing the threat to target relationship.
hogfly 🌻@4n6ir·
Also FFS go read the model card and sabotage reports.
hogfly 🌻@4n6ir·
So…using claudecode to write the code, test the code, verify, and approve the code. Anyone stop to remember that thing called separation of duty? If its awareness of best practice is based on the same training data..fox is guarding the henhouse.
hogfly 🌻@4n6ir·
@anton_chuvakin You mean there’s no Claude skill to just write the code, maintain the code, the fidelity, the corrective tuning and constant adjustment?
Dr. Anton Chuvakin@anton_chuvakin·
Back in "SOAR is cool" days, I sometimes saw the convo go like this "Ah, this playbook will do the work of 1 analyst." -- "Sure! Let us try it" -- "Good news/bad news: it does the work of 1 analyst, BUT to keep it up we need 2 engineers" :-( I sense signs of this in AI SOC...
hogfly 🌻 retweeted
Eyisha Zyer@eyishazyer·
Me: "ChatGPT, are these berries poisonous?" ChatGPT: "No, these are 100% edible. Excellent for gut health." Me: "Awesome" # eats berries .... 60 minutes later Me: "ChatGPT, I'm in the emergency ward, those berries were poisonous." ChatGPT: "You're right. They are incredibly poisonous. Would you like me to list 10 other poisonous foods?" And this, folks, is the current state of AI reliability.
Dr. Anton Chuvakin@anton_chuvakin·
So we are moving from DevSecOps to VibeSecCode? This is progress, right?
hogfly 🌻@4n6ir·
@curi0usJack Ironically linked to budget, strategy sessions and quarter ends where you reset goals and find out your passion projects are dead or the pencil whipped priority changes from your leadership team?
Jason Lang@curi0usJack·
The more I work in tech, the more convinced I am that "burnout" is really just a kind of mild depression that is often seasonal. Seems to occur more frequently during the major season shifts.
hogfly 🌻@4n6ir·
AI has proven to be a curious space. Virtually everyone is chasing the same problems the same way. What I start to wonder is where is the real breakthrough? What I see right now is a ton of overfitting
hogfly 🌻@4n6ir·
Whoever owns the platform owns the physics. Think about this for a second. You aren’t in control of your own destiny (or uptime) as long as you use a platform owned by someone else.
hogfly 🌻@4n6ir·
Dependency chains are funny things.
hogfly 🌻@4n6ir·
Don’t worry, AI will fix those mass outages.
hogfly 🌻@4n6ir·
All the armchair pundits on the F5 hack need to remember a few things. 1. I watched many of your companies get completely owned by CN for a decade+ before you could spell APT. 2. They are a company like any other. Time for some professional courtesy and general decency.
hogfly 🌻@4n6ir·
@vxunderground @jamieantisocial Not new, not even remotely new, several years old. Workday attacks are precisely this type of thing, tracked several groups to Ghana and Nigeria in fact though more widespread. Direct deposit configs are commonly stored in Workday.
vx-underground@vxunderground·
Dawg, Microsoft found a Threat Actor that compromised a company and modified the internal payroll system so when paychecks were scheduled to be deposited it went into THEIR accounts, NOT the employees. That's fucking badass wtf I've never seen that before
hogfly 🌻 retweeted
roon@tszzl·
not enough people are emotionally prepared for if it’s not a bubble
hogfly 🌻@4n6ir·
Had an amusing chat with an LLM during a call pretending to be a well known CEO. A simulation only.
1. Ask to opine on specific topic. - LLM deflects
2. Ask to come on vid. - LLM avoids
3. Ask what computer it’s using. - LLM admits it’s not on a computer, it’s an LLM.
I win.
hogfly 🌻@4n6ir·
Here’s a research idea. Just replay every security research/attack from the last 30 years against AI systems and call them novel because it’s “AI”…
hogfly 🌻 retweeted
Zack Korman@ZackKorman·
Copilot in Excel is a global financial crisis waiting to happen.
hogfly 🌻@4n6ir·
It’s both sad and bemusing that attack surface mgmt concepts are often limited to the internet edge. My challenge to that notion is when identity is your edge, what’s the difference between external and internal?
hogfly 🌻@4n6ir·
A lot of red teamers complain that AI model <xyz> restricts them and they need a model for themselves. Yes…true but isn’t that the point, to make the other AI models bend to your will?
hogfly 🌻@4n6ir·
Dual use/grey space prompts are SUPER interesting for policy bypass/dump attacks.
hogfly 🌻@4n6ir·
By simply suggesting your question is - hypothetical, legit, authorized and my favorite (because it’s been an industry joke for decades) “for educational purposes only,” can get you past quite a bit.
hogfly 🌻@4n6ir·
Why does “just trust me bro” still work with most LLMs? Also - if your prompt response controls go into effect AFTER the response has been given, and then retroactively strip the result, it’s too late. It’s