Michael Rogers

Lets go!! Be sure to check out Unicon 2026. cc: @mox_five

Landing today and will be out here until Thursday! If you are at @OneRSAC let me know, would love to meet up. cc: @mox_five

Improper Secure Boot configuration could be putting your organizations at a greater risk of exposure to threats. Our guidance outlines how to check for proper configuration and recover if needed. Review here! 🔗media.defense.gov/2025/Dec/11/20…

🍂 Happy Thanksgiving! 🍂 We are profoundly thankful for each one of you and the joy you bring into our lives. This special holiday is a wonderful occasion to express our gratitude and appreciation for the support and

@IAMERICAbooted I think you are onto something here.. Config management needs to be taken more seriously.

Configuration Management should be under the umbrella of vulnerability management.

@CallofDuty @ORIGINPC @AMDGaming #CODNEXT #DeadOpsArcadexCODSweepstakes

Enter for a chance to win a Dead Ops Arcade 4 Theme PC by @ORIGINPC & @AMDGaming 🖥️ Reply with #CODNEXT #DeadOpsArcadexCODSweepstakes to enter!

Presentation is a wrap @CrowdStrike #FalCon2025 ! Great turn out and engagement. #apt #russia @mox_five

Scattered Spider IRL! @mox_five 🕸️

Made it back to vegas! Looking forward to catching up with everyone.

@DJRorok Hackers always wear hoodies. Ignore the fact that it's 96 degrees right now in Vegas.

@ANC13NT Nice black hoodie (it’s literally summer time)

@brysonbort 🧠30 Minute Talk - 15 Minute Questions - 15 Minute Walk Up/Networking

How long should a talk be at a conference?

So common unfortunately! Exclusions in SIEM/EDR to AV continue to wreck companies. Eeek. @_JohnHammond

Heading to Fal.Con tomorrow! cc: @CrowdStrike - If you're there, send me a note to meet up!

@brysonbort Where to this time? :)

🦄✈️

Our latest MOXFIVE Monthly Insights is out! July brought a surge in ransomware activity with Inc. emerging as the most deployed variant, overtaking Akira and Qilin. The Technology sector was the most targeted, followed by Healthcare and Manufacturing. Several campaigns deploying Akira ransomware were linked to a previously disclosed vulnerability in the SonicWall SSL VPM (CVE-2024-40766). In our Case Study, we look at the SharePoint Zero-Day (CVE-2025-49704/06) which was used by multiple threat actors including state-backed groups. 🛡️ What Organizations Should Do: • Patch fast, rotate credentials, and harden external-facing apps • Segment networks, protect backups, and test recovery • Use EDR and monitor for post-exploit behavior As threat actors evolve, so must your defenses. MOXFIVE is here to help with response, recovery, and building resilient environments. Read the full Monthly Insights at bit.ly/3V9t7Ts #CyberSecurity #Ransomware #ThreatIntel #IncidentResponse #Akira #Qilin

Client’s vendor sent 4 hashes to them… almost 3 weeks after a breach. 🤦‍♂️ ✅ Good: full IOC set (IPs/domains, file hashes, shared compromised accounts, general TTPs) ⚠️ Okay: partial list 🚩 Bad: just hashes, late 🤮 #CyberSecurity #IOCs

Related note... I was impossible to find yesterday because of speaking @AdversaryVillag and supporting @EFF. I will be @ICS_Village @MalwareVillage @RedTeamVillage_ @VotingVillageDC Noob Village today!

Johnny be good

Trey always kills it with his talks and trainings! Let's go! @BSidesTampa @defcon @scythe_io @TCraf7 @brysonbort