Greg Young

1.4K posts

@orangeklaxon

30+ yrs cybersec VP Cybersecurity @TrendMicro Fmr Gartner analyst, CISO, army officer & Airwolf extra. Tweets are mine. Make yer stuff secure, k?

A secure undisclosed location · Joined September 2020
413 Following · 225 Followers
Greg Young retweeted
Inevitable Gassy@OldGassy1984·
"The warp engines are fine, Captain. It's the toilets. They cannae take any more."
Chris Sanders 🔎 🧠@chrissanders88·
Investigation Scenario 🔎 Browser history for an HR user shows repeated visits to chat.openai[.]com, followed by creation of C:\Users\chris\AppData\Local\Temp\cleanup[.]ps1. The file is not available, and the hash shows no matches in OSINT resources. What do you look for to investigate whether an incident occurred? #InvestigationPath #DFIR #SOC
Greg Young@orangeklaxon·
oh myyyy
Lukasz Olejnik@lukOlejnik

China's biggest cybersecurity company apparently just shipped an AI assistant with its own SSL private key sitting inside the installer. Qihoo 360, think Norton or McAfee, but dominant across the entire Chinese market It appears that their new AI product, 360安全龙虾 (Security Claw) bundles a wrapper on @OpenClaw. Inside the installer package - accessible to anyone who downloaded it - was a private SSL certificate key for the domain *.myclaw.360.cn. An SSL private key is essentially the master password to a website's encrypted connection. With it, an attacker can impersonate 360's servers, silently intercept user traffic, forge a login page that looks completely legitimate, or possibly take over the AI agent altogether. The cert is valid until April 2027 and covers every subdomain on the platform. It's now public. The founder launched the product with a promise it would "never leak passwords". It did that during release? 461 million users, a $10B valuation, and nobody checked the zip file before shipping. The cert expires April 2027.

Greg Young@orangeklaxon·
But AI is going to take over security....
Lukasz Olejnik@lukOlejnik

China's biggest cybersecurity company apparently just shipped an AI assistant with its own SSL private key sitting inside the installer. Qihoo 360, think Norton or McAfee, but dominant across the entire Chinese market It appears that their new AI product, 360安全龙虾 (Security Claw) bundles a wrapper on @OpenClaw. Inside the installer package - accessible to anyone who downloaded it - was a private SSL certificate key for the domain *.myclaw.360.cn. An SSL private key is essentially the master password to a website's encrypted connection. With it, an attacker can impersonate 360's servers, silently intercept user traffic, forge a login page that looks completely legitimate, or possibly take over the AI agent altogether. The cert is valid until April 2027 and covers every subdomain on the platform. It's now public. The founder launched the product with a promise it would "never leak passwords". It did that during release? 461 million users, a $10B valuation, and nobody checked the zip file before shipping. The cert expires April 2027.

Greg Young retweeted
Greg Young@orangeklaxon·
@UK_Daniel_Card Finding what your environment is, is really really really hard. Shadow IT, etc.
SwiftOnSecurity@SwiftOnSecurity·
Funny enough, my most positive professional experiences as a class are with General Counsel. Seems like the kinda job you just smoke a cigarette and rub your eyes saying "oh my God not this shit again" and "please repeat what you said they did," all day – forever.
All The Right Movies@ATRightMovies·
Name a movie you’ve seen more than 7 times with a GIF...
Greg Young retweeted
spencer@techspence·
🚨 BREAKING: Anthropic just dropped Claude Code Security and my boss already scheduled the company-wide 'Active Directory Retirement Party' for next Friday. Yeah that's right… Claude now scans your entire codebase like a caffeinated red-teamer on Red Bull. Finds logic flaws & vulns that SAST/DAST missed for 15 years. Spits out clean patches, and requires only a human rubber-stamp. So obviously the logical next step is feeding it our entire forest: “Hey Claude, audit this 2012-vintage AD domain with 47 lingering 2008 R2 DCs, 12,000 stale computer objects, 3 guys still using NTLMv1 because 'the mainframe needs it', and a GPO spaghetti monster that hasn't been touched since Obama was president.” Claude after 47 seconds: ✅ Found 8 Golden Ticket paths via unconstrained delegation ✅ Detected 19,342 users with password never expires + doesn't require pre-auth ✅ Located the service account with Domain Admin rights running under svc_sqlbackup_01@corp.local on a file share called \\PROD-DC01\Backups$ ✅ Suggests replacing the whole forest with Entra ID + 17 conditional access policies ✅ Bonus: politely asks if we'd like it to just Kerberoast itself and save everyone the trouble CrowdStrike, Ping, Okta, and every PAM vendor stock just shed another 4–9% in after-hours. Me, the lone surviving on-prem AD dinosaur admin at 2 a.m. refreshing Event Viewer for the 400th time: It's fine. Everything's fine. Claude can't reboot a domain controller at 3 a.m. when the PDC emulator bluescreens during Schema Update because someone forgot to demote the old one first. Claude has never tasted the sweet tears of a Forest Functional Level upgrade gone wrong. Claude doesn't know the true meaning of 'the replication engine won't start because years ago someone ran repadmin /removelingeringobjects without /advisory_mode first. We still win. For now. …right? 😭🪦 #Cybersecurity #ActiveDirectory #ClaudeCodeSecurity #SendHelp #StillNoKerberosArmoring /s thanks grok for the lovely tweet 😆😂
Greg Young retweeted
claypot.blue 🪴@_claypot·
friend randomly started texting formally and using em dashes
Greg Young retweeted
Ed Zitron@edzitron·
On two separate occasions Amazon’s Kiro AI assistant caused an AWS outage, one that was 13 hours long. Amazon blames this on “user error not AI error,” which is one of the most embarrassing things you could ever say as a human being
Techmeme@Techmeme

Sources: Amazon's AI tools caused at least two AWS outages, including a 13-hour disruption in December after its Kiro AI deleted and recreated an environment (@rafeuddin_ / Financial Times) ft.com/content/00c282… techmeme.com/260220/p1#a260… 📥 Send tips! techmeme.com/contact

Greg Young@orangeklaxon·
@vxunderground "tl;dr malware is illegal and for nerds" but Wu-Tang is for the children
vx-underground@vxunderground·
I've seen nerds say, "how does the malware guy who doesnt go outside have a family and i dont?" Well, it's very shrimple. 1. I don't talk about what I do, ever. They don't understand malware and if I tried to explain it they'd be scared. 2. I don't tell anyone what I do on the internet, ever. If I told people I unironically talk to cyber terrorists and send the FBI pictures of cats they'd be scared. 3. I don't talk about computers or anything technology adjacent, ever. Computers are for nerds and normal people don't understand it. If I explained anything they'd be scared. 4. I dress normal. I wear generic middle class jeans from generic middle class stores. I wear generic shoes like Nikes. I don't wear cybersecurity shirts. All my shirts are cheap $8 shirts that are blank with no logo on it. Basically, be a normal person. Talk about dumb shit, like the weather or food, or something. Ask people about themselves (they love talking about themselves). You have to segregate internet person from IRL person. tl;dr malware is illegal and for nerds
Dr. Brian Goldman@NightShiftMD·
Hey Sydney Cape Breton I'll be on Mainstreet right after the 5 pm news talking about my new book The Casino Shift thecasinoshift.com
Greg Young@orangeklaxon·
Despite being in the right - is the trouble and time worth $45? Courthouse parking or an Uber alone is half of that. Try calling the city to get it handled. Many cities will remove tickets when there's an obvious error e.g. wrong license plate on ticket, car doesn't match plate, etc.
Dr. Brian Goldman@NightShiftMD·
The “violation” occurred at 12:40 am and was caused by falling snow which covered the parking permit on the inside of the windshield. Which would have been visible had the officer brushed off the snow. Should I fight it?
Greg Young retweeted
vx-underground@vxunderground·
Hello, This social media profile is now the largest cybersecurity-related profile on Xitter. It has passed @SwiftOnSecurity. What does this mean? Well, as the top influencer I am carrying the weight of the world on my shoulders. This is a very serious role. I'm basically a superhero. First, I will begin pushing my new cybersecurity course. It will be somewhere between $200 - $500. It will not be formally recognized by any institution or employer. Additionally, it will be poorly developed and half-assed. I will lie and say it will help you get a job (it won't). Second, I will begin pushing cryptocurrency coins which I will say are going to solve some opaque problem in cybersecurity. I'll make something up, like, "this coin will prevent DHCP DNS cluster fraud". It won't make sense. When someone questions it I will immediately deflect blame or call them bad names. Third, I will travel to every major cybersecurity conference. Each talk I give will not be technical. My talks will primarily revolve around my experiences, and wisdom, or something. I will pretend to be an old sage filled with knowledge, things you could literally never understand. In actuality, I can barely send an e-mail. Thank you for the love and support. I look forward to rug pulling all of you.