Blake

@AndrewCGower Hey Andrew! Are there any plans for changeable font sizes? With my eyes, I really struggle reading the professions tab and quest bar without it taking up the whole screen. Especially on the steam deck. Thanks!

Brighter Shores - what I am currently working on. - I have just finished making the knowledge bar go to 200% so you can save a bit for later without being nagged like crazy if you are close to wanting it for a passive unlock. This will be in the next update - probably today or tomorrow. - I am now currently working on transmog support and some limited edition christmas transmogs, which you will be able to collect this christmas only. - After that I am planning on doing ‘queuable actions’, so for example you can shift-click on all the trees in the chunk and your avatar will chop each one in sequence. With the queue showing as an interface overlay. - Then unless something else comes up which is more urgent, probably p2p trading. And there is tons of urgent stuff to work on after that, so I will be kept very busy!

If you're hunting for vulnerable XZ instances in Velociraptor: - For Linux, run the Packages artifact and add `WHERE package =~ "xz"` to the default notebook. - For MacOS, list the directory `/opt/homebrew/Cellar/xz/5.6.*` for instances where users have to update/upgrade brew.

Forgot to mention this will only work on v0.7.1 onwards, due to the updated ETW library.

I've just added a Velociraptor Artifact to query this ETW provider, you can grab it here: github.com/Velocidex/velo…

Did you know you can use the ETW provider "Microsoft-Windows-DotNETRuntimeRundown" to get a list of loaded .NET Assemblies/Modules/Namespaces? This can be particularly useful for finding malicious DotNet which has been loaded reflectively, using Assembly.Load().

It's physically impossible to keep up with the research being released nowadays. Basically life becomes a mix of FOMO, Imposter Syndrome and eventual burnout😭 What's the solution you might ask? Welp it turns out, no one is actually keeping up with everything. 😂Everyone is working on their thing, so keep doing yours.

Hi SIEM vendors, I've noticed you're using Sigma rules from the community GitHub in your products and calling them "Built-In", but you're not giving credit to the authors. It's a simple thing to do and really important for respecting the open-source community's efforts and the Detection Rule License (DRL). Please start crediting the authors and respect the DRL.

Have you played around with @velocidex 0.7.1-rc1? With some great features like #sigma integration, I'm excited for the future of Detection Engineering in Velociraptor. Try it out now! 😁 github.com/Velocidex/velo…

Good morning fellow Telstra users

While there are many great articles that discuss logs to be sent to a SIEM, many don't mention filtering on the endpoint during investigations. This is an area in which @velocidex excels. 🦖🚀 #FastForensicsBeforeFullSendIt #LogManagementMusts #SaveTheSIEM #SplunkCostBoss

If you missed VeloCon23, all talks are available on YouTube and the website. docs.velociraptor.app/presentations/… #dfir #cybersecurity #rapid7

@power_napz Leaked audio of me during an incident.

Uhh I think I’ll just stick with the brown noise for tonight, but thanks

Excited to be speaking at an @ACSnewsfeed event this Tuesday in the #riverina . Great opportunity for local businesses to come ask any Cyber Security incident response questions! acs.org.au/cpd-education/…

@reprise_99 Real Word users use it on Server Core. GUI is so lame, omg.

Does anyone actually type in Word using anything other than the one page view? If you do, you are history's greatest monster.

Hi X, it's been a while. I'm excited to announce that I've joined the @rapid7 @velocidex team, focusing on the open-source build. We've got some exciting things in the works, and can't wait to share them with this amazing community.

@AlanJ_KA7 If I could, I'd join you. I feel like we would look great in matching merch.

@runasand A similar thing happened to my partner. When we got access again, we had to change the email address and phone number to something completely different so they wouldn't be able to use the same logon information to try and reset it. I hope you get access again soon!

Anyone at Meta who can help with a hacked Instagram account? We can log in; revoke sessions; change the password; set two-factor, but seems the person still has access and kicks us back out. DMs open.

@cyb3rops Building bespoke techniques into your own c2 can be amazing for detection engineering so I can understand the courses. But I'm also of the opinion that offensive tools shouldn't be shared on github, even with the "only for educational purposes" in the readme. 🙄

How did we get from "malware author arrested by law enforcement" to "check out my new malware development course on Github"?

@nikksterDotTech Create a way for it to slowly transition through all the different themes every 20 minutes. Not only will it allow you to use all your themes, but it'll also provide a great opportunity to gaslight your visitors into wondering if the site was this colour before.

What do you do when you have ✨too many✨color palettes that you love for your website? I just threw a logo together, changed all my colors, and now I want a third theme in addition to light and dark mode.