Simo

@CroodSolutions Unfortunately yes

So, who is going to SlopCon - er, sorry, I meant RSAC next week?

Double trouble.. 👀

@maxsec @UK_Daniel_Card wun wun wun!

@SimoKohonen @UK_Daniel_Card

I was hunting for KVMs BAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

@0x_shaq awesome 💪

It’s coming soon :) 🐉 working on last touch ups before going open source. Context: I wrote a ‘build system’/fuzzing framework that lets you compile, link, analyze and profile your harness/mutators for Apache fuzzing. I’ll post more details when the time comes.

@ZackKorman Nah bud we are in the same camp regarding MCP

@SimoKohonen Hahaha, glad to hear this didn’t cause a quadruple facepalm

I got mad about people defending MCP so I made this video. The first minute is just me being very mad, but then I tried to contribute something of value after that. youtube.com/watch?v=m0VyZU…

@ZackKorman fortunately we are living in the golden age of AI

@SimoKohonen I have bad news for you, I’m posting something else in a few hours probably that’s even dumber

If you believe this you have zero clue how security works.

@DecryptedTech @HackingLZ Not only cybersecurity vc, but he ran a shady fund where they recruited cisos who got to tap into their portfolio companies profits. Not kidding calcalistech.com/ctechnews/arti…

Cybersecurity VC guy explains why you should buy and invest in products he supports, in other news water still makes things wet.

@Backbone666 Dont worry. It might also drop on Friday 4pm!

@SimoKohonen Pls no. I want to leave work normal time tomorrow to watch Great British Menu 🫠

well we are due some Citrix vulns right...? 😮‍💨

Shipped a number of improvements for finding the crucial intel from the @DefusedCyber TI - Filtering by attacker noise index (remove mass & scanners very easily) - Keyword, IP, attack type exclusions Check 'em 👉console.defusedcyber.com/intel

🚨 Meet #CrackArmor. What happens when vulnerabilities are found in the very security module designed to protect your Linux system? I am incredibly proud to share the latest research from our team at the Qualys Threat Research Unit (TRU). We have uncovered CrackArmor: a set of 9 vulnerabilities in AppArmor, the default Linux Security Module protecting millions of Ubuntu, Debian, and SUSE systems. The TRU team discovered a fundamental "confused-deputy" flaw that allows any unprivileged local user to arbitrarily load, replace, or remove AppArmor profiles. But they didn't stop there. By creatively chaining this logic flaw, the team demonstrated multiple paths for Local Privilege Escalation (LPE) to full ROOT: 🔥 User-Space LPE: Weaponizing AppArmor to force a "fail-open" state in Sudo, leveraging Postfix for root access. (Note: Postfix is not installed by default on modern Ubuntu, and this Sudo issue was independently found and fixed by ZeroPath in Nov 2025.) 🔥Kernel-Space LPEs: Exploiting deeply buried memory corruption bugs (including a Use-After-Free and Double-Free) to achieve root despite modern kernel mitigations like CONFIG_RANDOM_KMALLOC_CACHES and CONFIG_SLAB_BUCKETS. 🔥 Namespace Bypass: A complete bypass of Ubuntu’s unprivileged user-namespace restrictions. ⚠️ Urgent Note for Defenders: Patches officially landed upstream in Linus’s tree today. However, due to the new Linux kernel assignment process, CVEs have not been assigned yet. Do not wait for a CVE ID to trigger your vulnerability scanners—start reviewing your patching strategy now! Qualys customers can use QID 386714 - AppArmor Local Privilege Escalation Vulnerability (CrackArmor), which was just released. 🙏Thank you to the Canonical, Debian, SUSE, and Linux Kernel security teams for their coordination. #CyberSecurity #Linux #AppArmor #CrackArmor #QualysTRU #InfoSec #KernelExploitation #ThreatResearch #Qualys blog.qualys.com/vulnerabilitie…

@samlakig Meditation medicine 😉

@SimoKohonen xDDD ngl hes too based

new mix but serene af

@samlakig Downside is seasons 1-2 are in finnish.. but then again you are a finnish apreciator 😂

@SimoKohonen i was looking to watch something!

@UK_Daniel_Card The dumb jokes never end 😂

This is one of a million reasons who Simo is a lovely chap!

@UK_Daniel_Card Have you tried this?

Running a business, you can go on holiday but the business doesn't.... so you sometimes have to work whilst away.... this is why we have tech!

@techspence @CroodSolutions This is the future

As a defender, I want the advantage. I want my environment to be hostile territory to adversaries. I want them to know… that I know that they know I see them. Get wrecked. spenceralessi.com/post/guarantee…