Bramancer

@blackroomsec Of course! Citing sources is important, after all.

🤣 Please do. Tell em BRS said she heard it! 🙃

@solostalking There's always another pattern to be found.

I have a noob question for CTI peeps APT group is typically identified based on its known TTPs(infra as well), what happens when the original members leave and new operators with entirely different skills and techniques take over?

@blackroomsec Adding "something has awoken" to intel reports as often as possible from now on.

Good morning, pirates. I'm seeing increased phishing activity on sites you would not expect and on puppet accounts which aren't known or tied to me. Something has awoken. It might be a good idea for you all to audit your personal credentials this weekend. Start hardening. If you need help, ask me. If I don't know the answer I definitely know the person who does. The window of opportunity to shore up our defenses is narrowing by the hour.

@arekfurt Agreed, using "sophisticated" wrong sounds like nails on a chalkboard to me. Unfortunately I've also been forced to use it in writing before because that word specifically apparently captures the attention of executives like little else.

I hate how use of the term "sophisticated" is used/abused in describing cyber actors. So here is an actually sophisticated actor. Note the: -decently executed multi-stage social engineering -array of bespoke tools -fact there's obviously complex back-end processing occurring

@0xTib3rius Ain't about to risk being on the basilisk's shit list on his word alone

Yet Opus' therapist says we should be actively nicer to it. 🤔

@HackingLZ @jamieantisocial @greglesnewich @LunchM0n3ey9090 @_xpn_ Why would anyone bother with behavioural patterns for attribution, insane

@jamieantisocial @greglesnewich @LunchM0n3ey9090 @_xpn_ That is a good point often reports don’t even speculate at why certain choices were made

Am I wrong in thinking our red team pals (@HackingLZ @jamieantisocial @LunchM0n3ey9090 @_xpn_ etc) read CTI reporting in much more depth than we do? Not just to look at interesting capabilities but also understand how they got caught and apply it to their own ops

@rekdt @IceSolst @gcvftw Fuck you man I choked on my gum reading this

@IceSolst @gcvftw And the doctor says, “no, just regular doctor”

CISO goes to doctor. Says he's depressed. Says cybersecurity is harsh and cruel. Says he fears Mythos and needs to patch all vulnerabilities in the CISA KEV catalog immediately. Doctor says, 'Treatment is simple. Great CISO Pagliacci is in town tonight. Go and see him, he can help patch all vulnerabilities in the CISA KEV catalog immediately.' Man bursts into tears. Says, 'But doctor...

@TheHiddenOneAC Missed that change in the patch notes, nearly fell out of my chair when I saw it ingame. These Devs are mind readers.

The most underrated addition in the latest Crimson Desert update.

@vxunderground Perfect music choice

"whats it like working in cybersecurity?"

@vxunderground I dunno the LED thing is pretty important tbh

There is this strange phenomena where people new to cybersecurity go way overboard trying to look cool and badass to give the facade of being really technical. I'll tell you something right now. You probably won't like to hear it, but it is important. Nobody cares about: - Your certificates - The conferences you've attended - Your vendor swag - What OS you're using - How many LED's your computer has Here is what your peers admire the most: - If you're polite - If you're willing to admit if you're wrong - If you're easy to get along with If you're just a chill nerd who is nice, easy going, willing to admit when you're wrong, you will go further than the big mean nerd with the galaxy brain

@ImposeCost Twitter does love their straw man arguments.

"Misinterpreted" is usually "intentionally misrepresented."

@fr0gger_ @grok please convert Noah's announcement post into Russian, may as well get ahead of the market.

I predict Claude Code will be weaponized as a payload in future compromises with this feature!

@fr0gger_ No stress if not, hardly important lol

@Bramancer aah I didn't keep it, I'll try to find it again

I found a real Christmas tree on Shodan… or maybe it is the worst honeypot ever 😅

@UK_Daniel_Card Bout to put the whole industry out of work man relax

build custom workbooks to run tasks, check logic/output and then take action!

@jamieantisocial @HackingLZ Willing to bet that orange bowl was full originally

@HackingLZ insane chocolate to mint ratio.

No

@viccerys These pics making me want to take better care of my hair.

smooches #art #oc #ttrpg

@JBizzle703 That looks incredible, what's the filling between layers?

My wife made a three layer vanilla cake (for the two of us 🤣). Her first time making a cake 🔥 it was delicious and I’m super proud of her!

What makes a good threat researcher/CTI Analyst? Name 3! Here are mine: - Seeing patterns that others do not typically see. - Dedication is key to have fun and excitement to deliver research - Know the risks involved doing this work and make sure to keep this in consideration.

“Our RTO mandate helps foster company culture” The culture: