Josh Rickard - Thought Thinker

Every SecOp person

Checkout of this draft paper I cowrote about the externalities of generative AI on our society. #llm #ai linkedin.com/posts/josh-ric…

Getting mid results from LLMs? @MSAdministrator says you're probably not giving it enough context, and he's right (don't @ him) Part 2 is live on @THOR_Collective Dispatch. full breakdown, advanced example included. dispatch.thorcollective.com/p/how-i-use-ll… #cybersecurity #ai #thrunting

Big news on the internet today as the United States Department of Justice wildly underestimated computer nerds Mahmoud Al-Qudsi (@mqudsi), the founder of NeoSmart Technologies, is a nerd who specializes in computer forensics. His entire career (dating back over 2 decades) has been focused almost exclusively on data forensics, data restoration, and data backups. Because Mr. Al-Qudsi is a nerd who unironically enjoys painstakingly reviewing computer forensics at the byte level, something almost no one else on the planet enjoys, Mr. Al-Qudsi began exploring the recently released Epstein files. Today he released a write-up explaining the problems with the Epstein redactions, errors they left in the PDF files, ... and all sorts of other artifacts the Department of Justice accidentally left behind. By leveraging these different digital artifacts, it is possible for experts such as Al-Qudsi to reconstruct the files without their redactions. See subsequent post for his write-up tl;dr he's reverse engineering and reconstructing epstein files. but hard and will take lots of work pic: me trying to understand computer forensics based on fonts used

I haven’t written a blog/article in a long while. This is my first stab at getting back into the rhythm and I hope it helps! Check it out!

Most security pros prompt LLMs like a Google search and wonder why the output is mid. @MSAdministrator breaks down what actually works on @THOR_Collective today; role-stacking, systems thinking, and more. ✨ Join us at 👉 dispatch.thorcollective.com/p/how-i-use-ll… #threathunting #thorcollective

we have seen a 100x increase in ICS phishing attacks the past couple months. we are doing 2 things: 1. last week, we released support for automatic calendar invite remediation in @sublime_sec 2. open sourcing a toolkit for the broader community to remediate calendar attacks, no matter your email security solution 🧵

When I was a kid we weren’t allowed our Nokia phones at school. We would use pay phones & beepers. Schools around the country are banning phones. Kids nowadays are chatting in a shared Google Sheet. We are the same and I’m here for it.

@cyb3rops This may across as a ploy to sell something but it’s not I promise… That being said, anyone (open source project or not) can use @sublime_sec platform to help protect against these phishing attacks. Seriously you can just sign up or run your own for free docs.sublime.security/docs/quickstar…

So, these threat actors successfully phished an author of multiple open source NPM packages with a total of 2 billion weekly downloads – including debug, chalk, and ansi-styles. Since most companies run at least one React or Angular app, they had the opportunity to execute code on millions of systems across thousands of orgs. And they used it to drop an amateurishly obfuscated crypto stealer, got caught by basic detection rules, and the issue was remediated after 2 hours. I hope everyone understands how close this was – and can imagine what would’ve happened if someone with real skills had done it. #NPM #Compromise #SupplyChain

@HackingLZ @skocherhan Yep yep yep - blank is better than bestbuy or Wikipedia :)

Another day another phishing website protected by Turnstile

We’re hiring for my team — we need detection engineers ready to deep dive and create rules to detect #phishing threats! If interested please hit me up or dm me !

@BlinkzSec @JAMESWT_WT @banthisguy9349 It’s collecting system info

Does anyone have any idea what is being executed here via PowerShell? sha256:61ec38741f1b45c5e797ab56bedc01f63fb089d1946f978a1ba735602e2cb455 hxxp://starmanx.org/comer.bat

@Antonlovesdnb I found that cursor works decent - better than those two from my experience

Spent two days trying to vibe code a bash script, using both Claude and ChatGPT - Random echo statements constantly appeared stating that functions that don’t exist completed successfully - Command line arguments and switches would randomly get made up - When prompted to add error checking to certain functions, they would just get removed instead - I found it difficult to figure out what had changed or been modified - Claude helpfully provided sample output from the script that was completely made up The script wasn’t even net-new, I was trying to modify it to work with Debian vs Amazon Linux Going to do it the good ol fashioned way I guess 🤷

RFK Jr.: "I was at the bottom of my class. I started doing heroin, and I went to the top of my class. Suddenly, I could sit still and I could read." (2024)

@HackingDave Dude use isort :) but I feel ya

I'm pretty sure at this point, I should just import *

Chinese state-sponsored actors are targeting global telecommunications and other critical infrastructure orgs. We’ve joined others worldwide to call these actors out and publish hunting & mitigation guidance to reduce this ongoing threat. media.defense.gov/2025/Aug/22/20…

@jamieantisocial @ShadowOpCode Someone should start to track tooling by its ascii art

@MSAdministrator @ShadowOpCode all part of the same equation 🧮

the perfect indicator doesn't ex....

@jamieantisocial @ShadowOpCode The amount of effort put into ascii art equates to skill level right ?

@MSAdministrator @ShadowOpCode got em 😹