Aiden Mitchell retweetledi
Aiden Mitchell
375 posts
Aiden Mitchell
@amitchell516
Moved to https://t.co/NibbrE5Ia2
Canada Katılım Aralık 2021
1.1K Takip Edilen88 Takipçiler
Park in FSD doesn't work at all, lol
Sawyer Merritt@SawyerMerritt
Tesla now has one thing left to do on this list
English
Aiden Mitchell retweetledi
🚨 Detection coverage for CVE-2025-21298:
🤝 h/t to our friends at @delivr_to for their excellent detection work: github.com/delivr-to/dete… 💪
🔍 @sublime_sec 's existing rule flags this too: sublime.security/feeds/core/det…
English
Aiden Mitchell retweetledi
Scammers are using distribution lists to hide their tracks while blasting a wide range of targets in this new variant of Living Off the Land (LOTL) + callback phishing attacks.
We’ve seen it with trusted brands like Microsoft, Venmo, and PayPal. Learn how the scam works: sublime.security/blog/callback-…
English
New @sublime_sec rule out for this, utilizing our ability to run YARA rules on attachments: sublime.security/feeds/core/det…
Looking back, we've seen this technique in use for some time. FWIW, Office does warn you that the document is corrupted, and only to click "yes" if you trust it.
ANY.RUN@anyrun_app
🚨ALERT: Potential ZERO-DAY, Attackers Use Corrupted Files to Evade Detection 🧵 (1/3) ⚠️ The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your inbox The #ANYRUN team discovered that as part of this #zeroday attack, threat actors attempt to conceal the file type by deliberately corrupting it, making it difficult for certain security tools to detect 📌 Our sandbox solves this problem thanks to interactivity. It launches these broken files in their corresponding programs, which allows it to identify #malicious behavior See example: app.any.run/tasks/6839e806… 🚫 Although these files operate successfully within the OS, they remain undetected by most security solutions due to the failure to apply proper procedures for their file types They were uploaded to VirusTotal, but all antivirus solutions returned "clean" or “Item Not Found” as they couldn't analyze the file properly
English
Aiden Mitchell retweetledi
EML attachments are a clever way to bypass traditional analysis because they automatically get rendered and embedded in the original message, without user interaction, by most mail clients:
sublime.security/blog/hidden-cr…
h/t @amitchell516
English
Yeah, I won’t believe it until I see it, what with Google’s history of killing things at random.
Shea Cohen@futureform_
Am I the only one who thinks 7 years of OS updates is just completely unnecessary? It feels like it’s just for marketing. That would be like the original Pixel running Android 14. Completely impractical, and a terrible experience.
English
Aiden Mitchell retweetledi
@SwiftOnSecurity @CRSD72 is still this way… students can print directly to the superintendent’s office 🙃
English
In high school I port-scanned the entire district network internally and sent direct prints to district HQ printers complaining about their lack of segmentation.
Dodge This Security@shotgunner101
@malwrhunterteam You'd be surprised how people learned Infosec before degrees, certifications, and things like virtual machine software existed and were common place. Many k-12 schools got to experience kids cyber pranks. Obviously without authorization.
English
why make employees suffer with these useless assessments, when you could invest in better email security
punishing employees for failing phishing tests is not the answer...
Cybergibbons 🚲🚲🚲@cybergibbons
Recently had to do @KnowBe4's "Security Awareness Proficiency Assessment", and I've got to say, I think it's actively harmful to improving security. Let's look at the questions
English
Aiden Mitchell retweetledi
If you're running @sublime_sec, you can prevent this at your email perimeter. @delivr_to put out a detection for the WinRAR vuln when the CVE initially dropped: share.sublime.security/feeds/delivr-t…
blackorbird@blackorbird
North Korean hackers exploits WinRAR vulnerability (CVE-2023-38831) to attack the digital currency industry. wallet_Screenshot_2023_09_06_Qbao_Network.zip virustotal.com/gui/file/40d1e… report: paper.seebug.org/3032/
English
Aiden Mitchell retweetledi
Average age of last reboot time on core switches.
English
Can confirm, it just works. Now it looks like I have a FortiGate at home :p
maybe tomorrow it'll look like I have a Sophos firewall
Andrew Morris (afk)@Andrew___Morris
someone in GN Sensors Early Access just asked if their beefy 16gb ram server would be enough to run a GreyNoise sensor👀 512mb ram to run literally anything from lighttpd to Microsoft Exchange and beyond. if it can run wireguard and iptables, itll run. docs.greynoise.io/docs/sensor-in…
English
Aiden Mitchell retweetledi
Aiden Mitchell retweetledi
This is so sick. Email -> Attached EML -> Embedded image -> OCR -> NLU to identify a financial request. Outlook/many clients will render an attached EML in the *original* message, making this an effective evasion technique. We've seen this in the wild recently. h/t @amitchell516
English
k bye
@amitchell516" target="_blank" rel="nofollow noopener">threads.net/@amitchell516
HT
@TransLink Turn backs have now been cancelled, end-to-end service restored. Expect delays, as there is still single tracking in place.
English
@TransLink Passengers, use the 119 bus at Metrotown and Edmonds to bridge the gap.
English
#SkyTrain Expo Line service between Edmonds Stn and Metrotown Stn is suspended beginning at 8:30 AM due to technical issue. Trains will be running between Waterfront & Metrotown Stn, and between Edmonds to Production-Way and King George Stn. M-line and Canada Line Unaffected. ^SM
English