Simon simonsen

@sim0ns3n.bsky.social

Log enthusiast / espresso enthusiast / pizza maker / detection+observability engineering

69 Followers  |  409 Following  |  40 Posts  |  Joined: 17.11.2024  |  1.7536

Latest posts by sim0ns3n.bsky.social on Bluesky

Virtual Machine README Configuration files for the SOF-ELK VM. Contribute to philhagen/sof-elk development by creating an account on GitHub.

Super pumped to release the latest version of SOF-ELK, an appliance-style VM preconfigured with the Elastic Stack, a ton of log and related parsers, built to ease analysts' workflows even with massive amounts of data.

Get the details and download link here: for572.com/sof-elk-readme

Enjoy!!

07.08.2025 15:53 — 👍 5    🔁 1    💬 1    📌 0

Suggestion for Azure abuse team - monitor GreyNoise. Azure’s becoming biggest source for a bunch of vulns.

05.08.2025 09:38 — 👍 22    🔁 9    💬 0    📌 0

A friend of mine who lives in Austin saw this at a bar and said she had never been so offended by something she 100% agreed with.

04.08.2025 20:10 — 👍 16081    🔁 2758    💬 280    📌 152
Microsoft Used China-Based Engineers to Support Product Recently Hacked by China - Slashdot Microsoft announced last month that Chinese state-sponsored hackers exploited vulnerabilities in SharePoint to breach hundreds of companies and government agencies, including the National Nuclear Security Administration and Department of Homeland Security. The company omitted that SharePoint support...

People probably saw the report recently about people in China doing support on US Government systems, unknown to the USG.

As I said at the time to @briankrebs - don’t worry, there’s plenty of skeletons in that closet. Here’s another: https://slashdot.org/story/445166

04.08.2025 20:30 — 👍 28    🔁 7    💬 0    📌 0

As usual, Bill Burr doesn’t miss 🎯

02.08.2025 16:21 — 👍 4567    🔁 1521    💬 146    📌 107
Deleting Hidden Proxy Settings that Break Windows Apps Windows leaves behind hidden proxy configurations in the ProxyMgr registry that break apps even after disabling proxy settings. Learn how to identify and completely eliminate these phantom settings th...

New blog post! 📰 Ever "disabled" Windows proxy settings but apps still can't connect? Windows secretly leaves hidden ProxyMgr registry keys that break everything — even Kerberos auth! Here's how to delete the phantom settings 👻🔧👇
awakecoding.com/posts/deleti...

01.08.2025 19:34 — 👍 2    🔁 3    💬 0    📌 0

Yes you are an ant.

30.07.2025 12:48 — 👍 0    🔁 0    💬 0    📌 0

Hopefully someone has already gone through the pain? Is there an MCP server for GitHub Actions yet? Otherwise I'm thinking Copilot could be instructed to call the GitHub CLI with a flow that pushes to a branch, triggers a workflow, checks the logs, etc.

29.07.2025 01:47 — 👍 0    🔁 1    💬 1    📌 0

And a Russian asset.

26.07.2025 21:57 — 👍 31    🔁 23    💬 5    📌 1

Talks from the HackMiami 2025 security conference, which took place in May, are available on YouTube: www.youtube.com/playlist?lis...

Talks from the Securi-Tay 2025 security conference, which took place in February, are available on YouTube: www.youtube.com/playlist?lis...

27.07.2025 12:20 — 👍 9    🔁 1    💬 0    📌 0

25.07.2025 18:56 — 👍 17622    🔁 6639    💬 512    📌 274

My whining thread :p

I couldn't find any reports, queries, etc., to help us assess impact :(

The responsibility to discover licensing costs was left to the customer with sparse instructions to go figure it out...

"Just look at your audit logs!"

learn.microsoft.com/en-us/entra/...

23.07.2025 23:55 — 👍 1    🔁 1    💬 1    📌 0
Detecting code copying at scale with Vendetect Vendetect is our new open-source tool for detecting copied and vendored code between repositories. It uses semantic fingerprinting to identify similar code even when variable names change or comments ...

Security firm Trail of Bits has released Vendetect, a tool for automatically detecting copy/pasted code between repositories.

blog.trailofbits.com/2025/07/21/d...

github.com/trailofbits/...

22.07.2025 11:12 — 👍 14    🔁 6    💬 0    📌 1

#squirrel 🐿️

21.07.2025 16:56 — 👍 14436    🔁 4167    💬 437    📌 150

Dear @stephencolbert.bsky.social,

Thanks for all the years of speaking truth to power & finding the funny in fascism.
Looking forward to following you wherever you land,

Your fan, Mar🐫

18.07.2025 19:26 — 👍 60595    🔁 9516    💬 1225    📌 441

❗️Monitoring channels report takeoff of 🇷🇺Russian strategic bombers Tu-95MS. Missile attack on 🇺🇦Ukraine possible at night

18.07.2025 18:49 — 👍 44    🔁 7    💬 2    📌 1

Interesting moves by Trend Micro - they appear to have stolen a competitor's research into AI, not named them (it was Aim), written about the importance of collaborative AI research (lol), not linked research, said it is "new" (it is old).. and about 50% of the article text appears to be generative AI.

15.07.2025 15:38 — 👍 20    🔁 6    💬 1    📌 0

The corporate cybersecurity fantasy vs the cybersecurity reality.

15.07.2025 19:14 — 👍 37    🔁 25    💬 2    📌 0

⚑️Germany-funded long-range weapons to arrive in Ukraine by late July, general says.

German Major General Christian Freuding confirmed that the weapons systems' initial deliveries are expected by the end of July. The arms will be supplied in a "high triple-digit quantity," he said.

12.07.2025 09:54 — 👍 791    🔁 150    💬 28    📌 13

I’m tracking 128 active CitrixBleed 2 victims in telemetry, today, from attacker infrastructure (one threat actor group).

11.07.2025 08:45 — 👍 27    🔁 5    💬 1    📌 0

The value of understanding how permissions work in Active Directory cannot be understated. Out of all the common findings on internal pentests, of AD environments, that seems to be the #1 most difficult for admins to identify on their own

03.07.2025 19:53 — 👍 4    🔁 1    💬 0    📌 0

Learning how to research and self-educate in the IT/cybersecurity fields, heck in life, is such a super critical skill to develop...

04.07.2025 19:14 — 👍 4    🔁 1    💬 1    📌 0

05.07.2025 03:37 — 👍 19113    🔁 4452    💬 579    📌 168

⚑️ Ukraine, Denmark sign deal to launch Ukrainian military production on Danish soil.

"This is a unique case of international cooperation for the Ukrainian defense industry," Strategic Industries Minister Herman Smetanin said.

04.07.2025 16:29 — 👍 594    🔁 120    💬 10    📌 6

So do I.

02.07.2025 22:16 — 👍 24691    🔁 7520    💬 503    📌 335

The key component is interceptor drones, which have already proven effective in Ukraine, said Zelensky during his visit to Denmark.

“We’ve tested models from several companies, and now we’ve signed a very serious contract. We’re counting on shooting down large numbers of Shaheds,” he added.

03.07.2025 18:11 — 👍 328    🔁 40    💬 4    📌 2

RCE Security has found major vulnerabilities in the Wing FTP server.

Attackers can bypass authentication on the server's web interface just by appending a NULL byte to the username followed by any random string.

www.rcesecurity.com/2025/06/what...

01.07.2025 17:04 — 👍 9    🔁 2    💬 0    📌 1
