GS-InfoSec

1.4K posts

@GsInfosystems

Threat Intel | InfoSec | GRC | DFIR Org Behavior, Psych, and Poli-Sci for Business

Joined June 2021
688 Following · 200 Followers
GS-InfoSec@GsInfosystems·
@IAMERICAbooted They need to be provided a vision, guidelines, resources, and support. You hired them to do a job. Provide what they need to be successful and keep them aligned.
EZ@IAMERICAbooted·
Early career people leaders often think people need to be managed. People don't need to be managed. They need to be motivated. If you have direct reports and think they need to be managed, I have news for you: you are the problem :p
GS-InfoSec@GsInfosystems·
Most grounded actionable conversation I’ve come across compared to the frontier AI FUD being pushed lately. Highly recommend. youtu.be/mBP127NH2mg?si…
GS-InfoSec@GsInfosystems·
Don't bring up a problem without a solution...that's what threat intel should do.
GS-InfoSec@GsInfosystems·
I've been saying this for years. Our Gov is long behind the speed and adaptability needed to make decisions on technology. We need a systemic change for technology risk management. Our systems are turtles.
Lisa Forte@LisaForteUK

We’re always talking in cyber about how boards don’t get cyber risk, how boards need to improve their understanding etc……… we never talk about how Governments have a worse knowledge gap and they are passing laws that impact all of us……. Just saying

GS-InfoSec@GsInfosystems·
@HackingLZ They used it, the out of this world AI genius vuln scanner, and ChaosEclipse is over here throwing zero days at them. I think this is a perfect signal that mythos FUD was more hype than anything.
Theo - t3.gg@theo·
Security things from the last few days:
- CopyFail (linux pwn'd)
- CopyFail 2/Dirty Frag
- 13 advisories in Next.js
- Over 70 CVEs addressed in MacOS 26.5
- ~50 CVEs addressed in iOS 26.5
- YellowKey (Windows Bitlocker pwn'd entirely)
- GreenPlasma (Windows privilege escalation)
- CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE
- CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access
- Mini-Shai Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning)
- Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration tool"
- Canvas (popular LMS used in most schools) pwn'd entirely
- PAN-OS (palo alto networks) pwn'd with a 9.3 severity CVE-2026-0300

Are you scared yet?
GS-InfoSec@GsInfosystems·
"My personal conclusion can however not end up with anything else than that the big hype around this model so far was primarily marketing."- Mythos finds a curl vulnerability | daniel.haxx.se
GS-InfoSec@GsInfosystems·
It always hits me when a VP says they don't really worry about a technology because a third party handles it. The things that keep us up at night are not the same. The devil is in the details.
GS-InfoSec@GsInfosystems·
@HackingDave First part of every day, never miss. It's done and out of the way, good to go.
Dave Kennedy@HackingDave·
While I’m insanely busy right now, doesn’t mean my health can lapse. Still in the gym putting in the work. Summer bod is almost complete to rock the abs during the beach days. #wehackhealth
GS-InfoSec reposted
Dan Black@DanWBlack·
The wicked problem of threat intelligence has always been to get policy and decision makers to stop worrying about unicorns while we're being trampled by horses.
EZ@IAMERICAbooted·
Hey all, I'm going to be joining @merill on Entra Chat again! We are going to talk about some of those pesky gotchas with APIs, secrets EVERYWHERE!, hidden risks of application owners you would only know if you RTFM and some post-exploitation attack surface you may not be thinking about, and Zero Trust to Hero Trust with Managed Device requirements to access M365 resources. Also, is your enterprise ready to respond in M365? We will talk about my favorite log sources when performing investigations.
hacker.house@hackerfantastic·
Happening now #hackspacecon Hall 2 - Back to the Future-Proof: Preparing Now for Quantum Decryption Threats with Kevin Tackett, "cryptography will be broken by Quantum Computers" @HackSpaceCon
GS-InfoSec@GsInfosystems·
As we move into a more AI integrated space (no AI didn't write that), it's going to really illuminate org behavior, specifically leadership style, the ability to move culture through navigating change management, specifically in the area of adaptability speed. Those that can move fast will emerge as leaders in their market. Good job leading the way.
Dave Kennedy@HackingDave·
I'm happy to announce that I have officially been promoted to Founder and Chief Executive Officer (CEO) of Binary Defense. With the changes in the industry happening and the shift to artificial intelligence, I have been immersing myself relentlessly on how we innovate and move fast - a complete shift of our entire company. Over the past 12 months we have completely transformed our company to be the most advanced artificial intelligence cyber security company in the world. We have taken MTTD and MTTR to times never thought possible before. Reduced false positives, increased true positives, and completely changed how we operationalize our MDR and product services as a company, and most importantly protect our customers. This journey was one of the fondest memories of my life, doing this with my team and one that is just getting started. With these changes in mind, our board approved me as CEO of the company to drive this company even further during this transformational and historic time in cybersecurity. I want to thank the folks over at Invictus Growth Partners for the trust in me, my partner Mike Valentine, and to all of the amazing folks we have @Binary_Defense . We truly are ahead in this field, innovating everyday, and protecting our customers 24 hours a day, 7 days a week, and 365 days a year. #BinaryDefense
GS-InfoSec@GsInfosystems·
100% agree. More data is better, from more of an overview system thinking hat, what I've come to realize is the siloing of intel (many lessons of the past) is a huge limitation. As I work with different teams across an organization, highlighting that attackers aren't limited to business functions, the contextualization and outcome (product) are really key. Those three pillars make the difference in stakeholder actions. Data, contextualization, and reporting. Obviously, there is so much in the details, but I see a lot of TIP solutions and programs in general thinking narrowly (CTI only) with really small emphasis on internal context that includes threat modeling and risk quantification. Just interviewing teams throughout an org and building relationships opens up more value to stakeholders. This provides a lot more internal data.
Andrew Thompson@ImposeCost·
Tyler gives me an opportunity to preach:
1. Single sources of data are not equal. If I had to pick between data derived from honeypots or thousands of incident response investigations, I would of course pick the incident response investigations. However, I don't want to pick, I want both AND others.
2. Intelligence should be as "all source" as you can get while prioritizing the most impactful sources in aggregate. You should look at sources in terms of the type of vision they give you, and then by other dimensions such as volume, geographic and industry distribution, etc.
3. If you look at each type of collection activity or source as providing unique perspective | vision into a particular thing, such as providing one or more pieces of a puzzle, or shining a narrow beam of light onto a picture, you want as many of the puzzle pieces or beams shining onto the image. Some beams may offer larger areas of coverage than others.
4. Everything comes at a cost, so picking which pieces of the puzzle or areas of the image you want to illuminate is a game of tradeoffs. Yet, if you're me, you want it all.
5. There is no such thing as too much data to me, only analytical processing that hasn't caught up to my needs yet.
Tyler@TG01_Actual

Is it not anymore? I built one of these in Rust (running on >60 threads atm) but felt that even with all the enrichment, it didn't present enough fidelity so I started building additional data sources to correlate to the discovered adversary infra. There are more active C2's than a lot of people think 🤣
