Sulyspa

I learned i have a new pet peeve today.... If you create an app with a task bar icon put an exit option in the context menu I'm looking at you @Apple, i shouldnt need task manager to close the icloud app in windows. If i wanted awkward i'd use Linux

@IceSolst @UK_Daniel_Card @ZackKorman That sounds a little pyramid shaped

@ZackKorman @UK_Daniel_Card Aren’t most of the investors in YC companies also YC alumni? Who encourage their other YC portfolio companies to buy other YC products and services? gstack is crazy

So far about 1/3rd of the Delve customers I’ve gone through are other YC companies. By that measure, YC’s investment in Delve was a massive success even with it now going to zero.

@UK_Daniel_Card You use your own phone? Rookie moves. You need to mug someone every time you need to make a call, cant link a burner to you if its already linked to a patsy.

How often do you factory reset your phone and setup a brand new account? Me I do it daily because if you don’t, do you really care about privacy?!!?!!! /S

@UK_Daniel_Card @three_cube Regtetting not taking up the war on greenlands penguins instead at this point i'd imagine

How's the mad king doing across the pond?

@UK_Daniel_Card If anyone manages to sneak a t-shirt cannon into a con

@Sulyspa hehe swag ops 3 :D

Security insane l00ns: HOW DARE YOU DO THINGS TO HELP PEOPLE BE SAFE FROM CREEEPS! DID YOU EVER ASK PERMISSIONNNNNNNN????!!!!!! fucking bonkers, like I literally have run unofficial CTFS inside cyber cons coz it's literally part of the fun! People give people stickers, gifts and gadgets etc. like that's the entire fucking point of the cons, it's to make friends/network and enjoy/share the stuff we do. (and yes there's also a sales and marketing part)

@Eliza_MayAustin @vxunderground People rarely actually check what they download and run. If it looks vaguely trustworthy on Github it generally seems to get a free pass.

@vxunderground What's your theory on why Open Source is being increasingly targeted?

The past couple of months I've personally witnessed a few changes in malware that are so significant that it blatantly sticks out. 1. Malware written in more esoteric languages. I've witnessed a shift away from languages like C/C++ to languages that are heavily abstracted, most notably NodeJS with Electron. 2. A MASSIVE shift toward targeting open source solutions. While this isn't new, the past couple of months its been every single day someone is targeting a supply chain via masquerading or directly targeting the open source provider. 3. AI has assisted with the shift in the malware landscape ... toward higher level languages. I've witnessed a spike in multi staged malware using a lot of LOLBIN-like methods. Again, this isn't anything new, but I've witnessed such a dramatic spike I believe it is the result of AI making it much easier to create and use high level languages 4. The introduction of new threat landscapes: Clawdbot (or whatever it's called now). This has resulted in a shift toward MacOS malware which is referencing bulletin point 3. Heavy usage of ClickFix with high level multi staged languages (bash script to Js) 5. AI being used for social engineering. Historically I've seen really crappy malware lures and phishing pages. I suspect AI is helping polish pages and making them look more realistic, possess no typos, use good grammar, etc.

@UK_Daniel_Card Could be the start of something big for the next con... Stealth swag distribution, Call of Duty: Swag Ops

I am frankly shocked at some of the responses I've seen. like honesty... some people look like they need to see a shrink.... some people probably need to not work with other people, and some of the men probably need to never go near any women..... it's fucking odd what people have written. If this was a CDN competitor trying to advertise I would see some of the point (a tiny tiny bit) but it was a community artist group (fan club not even the group) being nice and having fun. if I had paid for the bar I would have said; oh cool, can we do a collab next year? or if I really didn't like it, I would have just said, sorry excuse me but do you mind not giving them out. it's really not hard to not be a dick.

@aylacroft @EvanKlein338226 Calling that a job is a stretch.... pretty sure only exploit used in that test came from the HR Department.

@EvanKlein338226 But the reason they're using noobs is because they dont know better and accept the teenie pay. One job was $250 for 30 hours of work.

Question... if you hired a company for red teaming & found out that the "red teamers" were actually random new to the industry what would you do? Would you respect a security company that paid out so little that only noobs were interested in red teaming?

@UK_Daniel_Card Looks like user error, those alerts clearly show you need tk unlock with an apple watch for video to playback properly. Cant expect it to work wothout the right jardware auth tokens </s>

Macs do crash!! 💥 #MacNeo

@UK_Daniel_Card Defender on my Mobile, just because i have it as part of my home labbed 365 suite.

Does anyone here use any security software on their iPhone or Android device? e.g. something like the Netcraft apps? netcraft.com/blog/netcraft-… If so, what do you use?

@UK_Daniel_Card I like my two IQ points so wont read more than the summary, but from that are they suggesting that sandboxes are bad things because the malware doesnt go pop?

I feel like I lost some IQ reading this...

@UK_Daniel_Card So if one mistake gets the whole place fired, what does "founding brexit" get you, a one way ticket to the sun?

Imagine someone thinking the entire civil service should be fired because of a security vulnerability in one platform….. That would be like firing your entire workforce because someone broke a window and entered an office premises. Madness. That’s not how you deal with security vulnerabilities or incidents (this also was responsibly disclosed and at this time there’s no reports of it being exploited by threat actors)

From Becky 2 Belts to Becky 2 Taps... #EliminationChamber

@UK_Daniel_Card I feel the best job in the tech might actually just belong to whoever goes takes those photos 🤣 Forget this security lark

@IceSolst 10-15k Lines of Crap.... Should be in sales not software 🤣

He’s approaching “Rust (Bitcoin style) encryption” levels of cluelessness It’s prob a heuristic for who they invest in, given its mostly been 16yr olds

@IceSolst If its LAF capable, would that make it LAFable?

The image is interesting, illustrates a sort of WAF but for LLM input. LAF?

@UK_Daniel_Card I dunno... the number of people that skip MFA day... shocking.

Strangest fucking tweet I’ve read today 🤣

@IceSolst I'd be happier if they added a button somewhere to turn it off when needed, along side the ✨️ass button. I'm all for AI, but disabling it in a corporate environment thats not ready for it... Its like a never ending whack-a-mole game

If you have a feature to add, just add it without your ✨ass button

My issue with features like Copilot & Gemini, other than consent, is UI: They’re branding it, and adding a multi-purpose button, that changes for each app. Why is this functionality not naturally integrated into the app’s existing UI? Why are most of them either side-panel chatbots, or new branded buttons?

@LisaForteUK "It wasnt bad enough you had to listen to the drivel we let AI put on there the first time, lets remind you if what you tried to forget.."

What new hell is this LinkedIn!?! 😂😬🤮

@tryhackme To still not have time to study anything because everything is too busy getting breached and we have to do it all for real before practicing 😶‍🌫️

Dear Santa, All I want for Christmas is... (Wrong answers only ⬇️)