Mathias Fuchs

@EvenRealities Great I bought g1 for 800€ just for it to be replaced with g2 shortly afterwards and g1 pretty much does not get any new features. Never again.

Even G2 Update v2.2.0 is now live. Introducing Terminal Mode, plus a set of performance improvements. What’s new: • Terminal Mode: interact with AI coding agents directly from your glasses What’s improved: • Export for Conversate records • Export for Translate records • Continuous conversation without “Hey Even” • Batch uninstall for Even Hub plug-ins • More accurate sleep detection • New visual indicator for successful restart • Improved Bluetooth stability Update via the app now.

Today, after a long battle with cancer, we lost @FVT His wife asked that we share the news of his passing, "His love for the community that he was in (as a curmudgeon). His joy for being involved with every thing that he & any team that he worked with. He fought to the very end."

@evclinic Sehr cool. Könnt ihr auch mit Zero Motorrad Akkus umgehen?

🇦🇹Österreich, entschuldige, dass du gewartet hast – aber wir kommen endlich. Heute wurde der erste EV Clinic Standort in Österreich unterschrieben. Tirol. Ein Team, das Verantwortung für die Region und darüber hinaus übernimmt – ein Gebiet, das uns lange gefehlt hat. Über 200.000 registrierte Elektrofahrzeuge und ein chronischer Mangel an echtem Engineering-Ansatz. Das ist kein weiterer Servicebetrieb. Das ist ein Team, das genau weiß, worauf es sich einlässt. Keine Copy-Paste Lösungen, kein blindes Teiletauschen, keine Kompromisse. Das EV Clinic Netzwerk bekommt damit ein entscheidendes Glied für eine der anspruchsvollsten EV-Regionen Europas. Der Plan geht weiter – rund 10 weitere Standorte. Nicht um “abzudecken”, sondern um den täglichen Backlog endlich zu reduzieren. Die Nachfrage liegt schon jetzt weit über den Kapazitäten. Wenn du zu EV Clinic kommst, kommst du nicht für eine “Reparatur”. Du kommst für eine Lösung, die hält. Wir bekämpfen keine Symptome – wir beheben die Ursache. Wir folgen keinen Standards – wir setzen sie. EV Clinic wurde aufgebaut mit 0 Krediten. 0 Sponsoren. 0 EU-Förderungen. 0 Spenden. 100% privat. 100% original.

Frontier models don't just drift. They get quietly starved of compute when the vendor needs GPUs for the next one. That's fine for a chatbot. It's an audit problem for anything making security decisions. @mathias.fuchs/your-ai-detections-are-rotting-model-drift-as-a-hidden-risk-in-security-operations-cac014477248" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs…

@SANSInstitute @oorozcoo You can download it here: github.com/cyb3rfox/Auror…

@oorozcoo @mathias_fuchs Here you go: sans.org/tools/aurora-ir

I’m trying to find the #AuroraNG version from @SANSInstitute, is anyone using it? Or have any advise on finding it or any documentation? @mathias_fuchs

@daddyislala Thank you, I hope I'll eventually have more time to be more active again.

@mathias_fuchs Great to see you on the timeline again

We built a thing. WarroomX — AI-assisted scenario creation, synchronized observer notes, reports that don't require a ouija board to reconstruct. Tabletop exercises that actually work. Launching Q1. Full breakdown: @mathias.fuchs/the-crisis-that-never-happened-why-tabletop-exercises-are-the-best-thing-youre-not-doing-enough-9b94a18fbac4?postPublishedType=initial" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs…

Most EDR tests are easy mode — Agents spawning commands, “AtomicTest-T1055.ps1.” Your SOC spots them instantly. GHOST changes that: Zero footprint. Real attacker commands. Realistic process trees. If analysts can’t tell it’s a test, you’re ready. More: @mathias.fuchs/ghost-framework-zero-footprint-edr-testing-that-trains-your-analysts-for-real-threats-15ba2620b17d?postPublishedType=repub" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs…

🚨 Identity is now global. Are your IR skills? Explore how breaches leverage Microsoft, Google, Apple, GitHub, and AWS—and master the practical GLIDER Framework for modern incident response. Full guide here 👉 @mathias.fuchs/from-local-to-global-the-evolution-of-identity-in-incident-response-bfa5ddee9868" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs… #CyberSecurity #IncidentResponse #GLIDER

Attackers love RDP for sneaky lateral moves—but every pixel leaves a clue! 🕵️‍♂️ Check out my latest blog on tracking attackers through logs, bitmap caches, and clipboard trails (plus a printer tale too funny to miss). #DFIR #BlueTeam #CyberSecurity @mathias.fuchs/chasing-ghosts-over-rdp-lateral-movement-in-tiny-bitmaps-328d2babd8ec" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs…

🗓 Logs lie. Prefetch tattles. ShimCache whispers. Timestamps dance. Building timelines in DFIR isn’t just science—it’s chaos theory in action. Join me in taming Chronos: @mathias.fuchs/chronos-vs-chaos-the-art-and-pain-of-building-a-dfir-timeline-a40c6e37106d" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs… #DFIR #IncidentResponse #CyberSecurity

🚨 Bob from Accounting could be your biggest cyber threat. Seriously. 83% of orgs saw insider attacks last year. Tesla sabotage, Snowden leaks—your office has never felt spookier. Read how to spot & stop these insider rogues 👉@mathias.fuchs/understanding-and-mitigating-insider-threats-f31b8de00b48" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs… #CyberSecurity #InsiderThreat

🕵️‍♂️ How do attackers ghost past your EDR? New blog post dives deep into evasion tricks—LOLBins, memory games, syscall magic & more. Time to up your detection game! 👻🔍 👉 @mathias.fuchs/ghosts-in-the-endpoint-how-attackers-evade-modern-edr-solutions-90ff4a07fdc2" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs…

Tier 1 SOC Analysts: Highest responsibility, least experience, infinite alerts—what could go wrong? Plenty. Find out how automation and AI could save your analysts' sanity (and yours). ☕️🤖 #CyberSecurity #SOC #AI @mathias.fuchs/why-being-a-tier-1-soc-analyst-is-practically-impossible-and-what-to-do-about-it-ce5c4b39f17d" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs…

Choosing an IR partner = Picking a parachute packer. 🪂 Know your red flags 🚩, must-haves ✅, and absolute no-gos ❌ before you're in free-fall. Dive into my latest blog 👉 @mathias.fuchs/choosing-an-incident-response-partner-red-flags-must-haves-and-deal-breakers-a0526f35aa09" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs… #CyberSecurity #IncidentResponse #DFIR #CISO

Last week: macOS forensics (easy!). This week: Linux forensics (not easy at all!). Ever wondered why Linux is tougher than Windows forensics? Scripts, logs, chaos! ☕🐧 #DFIR #Linux #CyberSecurity @mathias.fuchs/linux-forensics-is-harder-than-windows-heres-why-cd30a4d2604d" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs…

Think Mac forensics is harder than Windows? Think again. 🍏 Unified logs, fewer artifacts, built-in snapshots—macOS might be easier for DFIR. Except memory. That’s still hell. 🔥 Full deep dive for IR pros here 👉 @mathias.fuchs/apples-to-apples-why-macos-forensics-can-be-easier-than-windows-19c9f234c1a1" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs… #DFIR #macOS #forensics #cybersecurity

🛡️ Microsoft's new ReFS filesystem is changing the rules of digital forensics & IR. NTFS artifacts are evolving—are you ready? Read our deep dive here: @mathias.fuchs/the-impact-of-microsofts-refs-on-dfir-cdb78f401bfd" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs… #DFIR #ReFS #CyberSecurity #IncidentResponse #Forensics

Even the best responders can’t work miracles in the dark. 🔍 Why visibility is everything in incident response – and what EDRs & network monitoring don't tell you. Read the blog 👉 @mathias.fuchs/from-all-seeing-to-flying-blind-a-journey-in-incident-response-visibility-1aa0f03e2b1d" target="_blank" rel="nofollow noopener">medium.com/@mathias.fuchs… #DFIR #CyberSecurity #IncidentResponse #Velociraptor

🚨 What aviation taught us about handling cyber crises ✈️ When incidents hit, it's not just tech that saves the day —it's teamwork. I just published a new article on how Crew Resource Management from aviation can level up incident response and crisis management in cybersecurity.