Joe Christian

I’ve been coming to @defcon for almost a solid decade now. This was an awesome weekend! Panel Talk @AppSec_Village ✅ Secure By Design Red Pen Session @DEFCONPolicy @CISAgov ✅ Winning @ThreatModelUs Contest ✅ And…seeing so many of my friends ❤️ Time to sleep 😴

@fr0gger_ Of course. My heart is in it a bit more this year versus lasts.

@Jo3Ram Thanks Joe!! I'll see you in Vegas? 😊

📢 Big personal update!! After almost 5 years, today was my last day at Microsoft. I had the chance to work with very talented people on complex AI and security research. It was a wild ride! Next week I will be at Black Hat Asia. Reach out if you want to catch up and talk about the latest in AI x Threat Intelligence. Ready for what is coming next! ✌️

@fr0gger_ 👀

Report available here cdn.prod.website-files.com/69944dd945f20c…

🤓 Very interesting Incident Response case by Gambit Security where analysts uncovered a threat actor leveraging Claude Code and OpenAI api to breach the Mexico government infrastructure. I really appreciate the level of details in the report, especially around the Indicators of Prompt Compromise (IoPC). I extracted most of the prompts (IoPC) used in this attack and I published them into PromptIntel with the ref "MX-GOV-AI-BREACH", so you can understand the risk and take the next step to detect suspicious patterns in your environment. promptintel.novahunting.ai/feed

Majority of opinions about Anthropic AI capabilities come from people who have never found any real zero-days or developed exploits. A small portion have found some, but they rely on outdated vulnerabilities and exploitation techniques from a decade ago. Few people have really dug into the dozens of Firefox JIT bugs found by Anthropic, and maybe nobody has used Claude Code to pop a calculator using these Firefox zero-days.

@HackingDave I spoke at a Cloudflare event last year and said: AI is a mixture of software security, cloud security, and vendor management. If you were doing any of those things wrong before AI, you’re likely not successful with AI at your organization. Holds true still IMO

Alright, I've stayed away from the Mythos stuff for a little bit. Going to comment on that, but AI as a whole. First, this AI industry is absolutely insane. I feel like I'm back in the 90s/2000s with innovation, but it's not tempered or methodical - it's pure chaos. Everyday there is some AI-dude-bro (or gal) clawing for followers claiming end of cybersecurity, end of software engineering, or this breakthrough changes everything. We're seeing the "streamer" effect of video games now exploding in every industry that hasn't been in whatever industry, but is now a AI-expert thus an expert in anything AI touches because they can prompt. Largely it's not, but what it is doing is requiring us to understand what AI will do to virtually every industry in the future. I'm sitting here right now at a conference I'm presenting at, and I spoke with an individual which was like man... I'm just trying to get through this SAP implementation at my company, I don't even know where to start with AI at the moment. We are still in the extreme early stages of what AI can do, and I think that's really the exciting part - we are at the infancy stages of this. Most enterprise can't handle AI, as most companies couldn't handle agile workflow when it came out either, it took time, but eventually adopted. I won't dive deep into the scalability of releasing AI to the masses based on compute, power, or subsidies because these are real hurdles we need to solve. As you can see with Claude's spike in popularity is causing them to have to dumb the model down upwards of 65% just to stay afloat (Claude is absolutely awful right now for coding - beware). Mythos is cool, really cool - but it's not earth shattering as claimed. The potential here we are seeing a glimpse of what can actually happen though. The ability to do extremely complex tasks, with insane context windows, and high-end reasoning. But, what we saw from other current frontier models including open LLMs, they were able to find the same issues, but had to be specifically targeted towards those code sections because of context limitations and complex task reasoning which was drastically improved in Mythos. What does this mean? Basically. Nothing. It's a lot of marketing hype - but it does prove out that as these models become smarter, it will inevitably produce much better code, be able to work in mind blowing fashions that we haven't seen before - but it will all come down to cost. Right now Mythos is extremely expensive because of the compute needed, and we may solve that over time, but it's not there yet. The subsidies right now means AI is not ready. Scale is our biggest bottleneck right now and until that's solved, the industry will not move as fast as it could. What's particularly impressive is how the open models are starting to perform on par (or better) with the frontier models and become way more efficient without restrictions (turboquant) as an example. Our ability to use near parity models on our own hardware will only continue to get better which is a huge threat for these companies. I at first looked at Cursor's implementation of Kimi as they were falling behind because it wasn't "their own model". That wasn't accurate, its that the open models are performing substantially better than from 6 months ago, and will soon be leading the charge or close to it. What does this mean for cybersecurity? The industry is changing rapidly, and I absolutely freaking love it. We needed a swift kick in the ass in this industry that was largely stagnant for the past 10-15 years. What used to be a handful of incredibly talented security researchers that knew systems internals, savants at reverse engineering and reading through millions of lines of ASM is now being afforded to the masses, but still has a long way to go. The reason AI is so good at doing this stuff is because they paved the way, and will continue to do so in different ways. Not eliminated or removed, enhanced and better than ever. AI is single handedly the largest theft of plagiarism that has ever happened in human history. I just got a 10K check from Claude for ripping off my Metasploit book to train its model to be smarter actually :P I am all for things that make the world a safer place. Our goal in cybersecurity is to fix the world, make it less harmful when using technology - we should be adopting this. Note that it's going to come with a ton of fluff, hype, doomsday predictions, people that are now AI exports or coding experts but have never written a line of code themselves. That's all to be expected if you have ever been to an RSA conference. AI will product meaningful change in an industry that needed it. Cybersecurity is much more than bugs or defects, it's protecting against risk. AI is a new emerging risk, it's going to keep us insanely busy right now, and for the foreseeable future.

@Arrrrash Marathon is the best Halo experience we’ve had for almost two decades now. Let that sink in

Glad to see Halo is still a disaster lmao

Your SOC2 compliance is fake, your deploy platform leaks private user data, and your HTTP library has malware in it. Happy Monday.

@pcpcats Broooo 😭

It's the year of the supply chain. You guys are going to be busy a very long time. 🤣 🤣

Every damn time

Dawg, I'm going to bed and someone shoots a fucking nuclear missile into the internet

AppSec teams dealing with their 10th supply chain security incident in like 5 days 😫 #axios

@Byrdman Similar experience

Rook runs have been insane today. This shell on Outpost is flat-out the most fun I've had in a game in so damn long.

Oh my god… look at all this loot coming out of Dire Marsh 😳

@Skarrow9 Your whole team has to make the final exfil to leave?! 😞

This post has shown me that people have no idea how the REAL hidden final exfils on Cryo Archie work or where they are located. So I made a guide. EVERY FINAL EXFIL LOCATION ON CRYO!! Like, rt, and share with your friends so you can save your loot! youtube.com/watch?v=2RcMnp…

Asking people how their Cryo runs went this weekend and they sound like they're coming off of a 4 day bender in Vegas.

@Ziegler_Dev @MarathonDevTeam Last game of Cryo and encountered a bug. There’s an inch size gap in the floor where your bag can fall down 10m and you’re are unable to be rezzed (even with a triage ult) Terrible way to end my final run after we wiped a team. Why is there a hole!?!

First haul on Cyro Archive is getting all those remaining salvage for Nucal

You all are in for a treat when it comes to Cryo Archive 👀 #marathonthegame

@PaulTassi @Forbes Real ones remember when the nav points were basically 3-5m ☠️ This is a great change!

‘Marathon’ Reveals First Buffs, Addresses Bad Microtransactions via @forbes forbes.com/sites/paultass…