Josh Rickard - Thought Thinker

Every SecOp person

@sysaaron is getting a Dickbutt tattoo. The catch: you have to fund it. Raise $5,000 for Hope House and the ink goes on at SecKC in June. Permanent. Public. For charity. Donate now: orders.seckc.org #SecKC #HopeHouse

@sama Then you should read this letsautomate.it/article/agenti…

feels like a good time to seriously rethink how operating systems and user interfaces are designed (also the internet; there should be a protocol that is equally usable by people and agents)

@CalmCoding @HackingDave Because of hiQ V. LinkedIn & Van Buren V. United States

@HackingDave Why were the labs allowed to scrape all the copyrighted data on the internet?

Of course. If you understand how LLMs work, they don’t think in traditional terms and are regurgitating human knowledge. One of the largest thefts of intellectual property and plagiarism in human history. Still incredible tech and has massive implications on innovation, but as far as gaining consciousness- negative.

Do you want to contribute to a good cause?We’re collecting donations for charity now through our June meeting. What do you get out of it? Good feels and the knowledge that you are part of the reason @sysaaron has a tramp stamp! We’re less than $400 away! orders.seckc.org/event/stamp-th…

I wanted to share a new blog post I’ve been tinkering with called “The Agentic Web”. This post is my thoughts on a direction that LLMs can (should) take. As a caveat the ideas are mine but did have Claude help :) letsautomate.it/article/agenti…

I’m excited to share that my talk titled “LLMs: Prompting, Agents, Assistants, Oh My!” was accepted for @_BSidesKC on April 25th! We’ve all been hit by this tornado called LLMs. Join me as we navigate the yellow (LLM) brick road!

Checkout of this draft paper I cowrote about the externalities of generative AI on our society. #llm #ai linkedin.com/posts/josh-ric…

Getting mid results from LLMs? @MSAdministrator says you're probably not giving it enough context, and he's right (don't @ him) Part 2 is live on @THOR_Collective Dispatch. full breakdown, advanced example included. dispatch.thorcollective.com/p/how-i-use-ll… #cybersecurity #ai #thrunting

Big news on the internet today as the United States Department of Justice wildly underestimated computer nerds Mahmoud Al-Qudsi (@mqudsi), the founder of NeoSmart Technologies, is a nerd who specializes in computer forensics. His entire career (dating back over 2 decades) has been focused almost exclusively on data forensics, data restoration, and data backups. Because Mr. Al-Qudsi is a nerd who unironically enjoys painstakingly reviewing computer forensics at the byte level, something almost no one else on the planet enjoys, Mr. Al-Qudsi began exploring the recently released Epstein files. Today he released a write-up explaining the problems with the Epstein redactions, errors they left in the PDF files, ... and all sorts of other artifacts the Department of Justice accidentally left behind. By leveraging these different digital artifacts, it is possible for experts such as Al-Qudsi to reconstruct the files without their redactions. See subsequent post for his write-up tl;dr he's reverse engineering and reconstructing epstein files. but hard and will take lots of work pic: me trying to understand computer forensics based on fonts used

I haven’t written a blog/article in a long while. This is my first stab at getting back into the rhythm and I hope it helps! Check it out!

Most security pros prompt LLMs like a Google search and wonder why the output is mid. @MSAdministrator breaks down what actually works on @THOR_Collective today; role-stacking, systems thinking, and more. ✨ Join us at 👉 dispatch.thorcollective.com/p/how-i-use-ll… #threathunting #thorcollective

we have seen a 100x increase in ICS phishing attacks the past couple months. we are doing 2 things: 1. last week, we released support for automatic calendar invite remediation in @sublime_sec 2. open sourcing a toolkit for the broader community to remediate calendar attacks, no matter your email security solution 🧵

When I was a kid we weren’t allowed our Nokia phones at school. We would use pay phones & beepers. Schools around the country are banning phones. Kids nowadays are chatting in a shared Google Sheet. We are the same and I’m here for it.

@cyb3rops This may across as a ploy to sell something but it’s not I promise… That being said, anyone (open source project or not) can use @sublime_sec platform to help protect against these phishing attacks. Seriously you can just sign up or run your own for free docs.sublime.security/docs/quickstar…

So, these threat actors successfully phished an author of multiple open source NPM packages with a total of 2 billion weekly downloads – including debug, chalk, and ansi-styles. Since most companies run at least one React or Angular app, they had the opportunity to execute code on millions of systems across thousands of orgs. And they used it to drop an amateurishly obfuscated crypto stealer, got caught by basic detection rules, and the issue was remediated after 2 hours. I hope everyone understands how close this was – and can imagine what would’ve happened if someone with real skills had done it. #NPM #Compromise #SupplyChain

@HackingLZ @skocherhan Yep yep yep - blank is better than bestbuy or Wikipedia :)

Another day another phishing website protected by Turnstile

We’re hiring for my team — we need detection engineers ready to deep dive and create rules to detect #phishing threats! If interested please hit me up or dm me !

@BlinkzSec @JAMESWT_WT @banthisguy9349 It’s collecting system info

Does anyone have any idea what is being executed here via PowerShell? sha256:61ec38741f1b45c5e797ab56bedc01f63fb089d1946f978a1ba735602e2cb455 hxxp://starmanx.org/comer.bat

@Antonlovesdnb I found that cursor works decent - better than those two from my experience

Spent two days trying to vibe code a bash script, using both Claude and ChatGPT - Random echo statements constantly appeared stating that functions that don’t exist completed successfully - Command line arguments and switches would randomly get made up - When prompted to add error checking to certain functions, they would just get removed instead - I found it difficult to figure out what had changed or been modified - Claude helpfully provided sample output from the script that was completely made up The script wasn’t even net-new, I was trying to modify it to work with Debian vs Amazon Linux Going to do it the good ol fashioned way I guess 🤷