Chris Brook's Avatar

Chris Brook

@chrisbrook.bsky.social

Slowly trying to get back into post-Twitter social media. Likely: Posts about baking, beer, books, movies, etc. Previously: Writing about data protection at Fortra. Now: Writing, content and other stuff at Red Canary.

14 Followers  |  31 Following  |  23 Posts  |  Joined: 26.08.2023  |  1.9677

Latest posts by chrisbrook.bsky.social on Bluesky

Preview
Node problem: Tracking recent npm package compromises | Red Canary Recent npm supply chain attacks highlight why robust mitigation and response strategies are required for both developers and users.

Some helpful and topical content posted to @redcanaryco.bsky.social yesterday. Distilled some great guidance from @forensicitguy.bsky.social on securing npm packages + responding to a compromise: redcanary.com/blog/threat-...

24.09.2025 18:59 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Understanding OAuth application attacks and defenses | Red Canary Red Canary’s Threat Hunting team recently uncovered a malicious OAuth application attack, demonstrating the need for specific defenses.

@redcanaryco.bsky.social's Threat Hunting team recently investigated an incident that illustrates how stealthy and patient an OAuth application attack can be. We breakdown the campaign (and how to defend against these attacks) in this blog:

05.09.2025 13:37 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Front page ad for Prager in the NYT today πŸ₯΄

31.08.2025 15:13 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Patching for persistence: How DripDropper Linux malware moves through the cloud | Red Canary DripDropper is a Red Canary-named Linux malware variant that uses an encrypted PyInstaller ELF file to communicate with a Dropbox account.

I was offline last week but great to see the @redcanaryco.bsky.social team get this across the goal line. Great research from our intel team on new-to-us malware impacting cloud Linux systems: redcanary.com/blog/threat-...

26.08.2025 15:27 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Deer Isle Oysters at Pilgrim’s Inn. Could eat a lot of these.

10.08.2025 16:47 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Ranking the top threats and ATT&CK techniques for the first half of 2025 | Red Canary Identity detections climbed, color birds swooped in, and two new cloud techniques broke into our top 10 in the first half of 2025

Mid-year TDR day! Dig into all of @redcanaryco.bsky.social's findings from the first half of 2025 including a big uptick in cloud identity detections + techniques: redcanary.com/blog/threat-...

05.08.2025 20:40 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Scaling Netflix's threat detection pipelines without streaming Data orchestration challenges I faced at Netflix, Airbnb, & Facebook (Part II)

Scaling Netflix's threat detection pipelines without streaming: blog.dataexpert.io/p/scaling-ne...

30.07.2025 14:11 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Ugh, @noupside.bsky.social posted yesterday about this happening to her, too!

24.07.2025 18:01 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
10 Black Hat talks we want to see in 2025 | Red Canary Talks on bypassing SOCs and initial accessβ€”we scoured this year’s list of sessions at Black Hat to find 10 talks worth making time for.

Another new @redcanaryco.bsky.social ‬blog: I'm not going to @blackhatevents.bsky.social this year but if I were, these are the talks I'd try to attend. Lots of stories + intel for defenders: redcanary.com/blog/securit...

24.07.2025 14:42 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Summercon Foundation

Hey, Summercon is streaming today: www.youtube.com/@SummerconFo...

11.07.2025 15:17 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Understanding the threat landscape for MCP and AI workflows We break down the cybersecurity landscape of Model Context Protocol (MCP) servers and agentic AI workflows, including monitoring advice

MCP servers allow developers to facilitate AI agents to execute code. MCP doesn't include security mechanisms howeverβ€”the onus is on developers to implement standard security best practices. @redcanaryco.bsky.social's Jesse Griggs navigates the MCP threat landscape: redcanary.com/blog/threat-...

11.07.2025 13:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Appreciate what #HillFarmstead does for its Harvest Festival re: curated guest taps, almost like a mini-FW Invitational. I don't think I've been to one since 2011? Whenever you used to be able to camp there afterwards.

08.07.2025 13:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Atomic Red Team A community for all things related to the Atomic Red Team open source testing library. Use this space to share threat intelligence, suggest new tests, discuss testing priorities, and ask questions abo...

βš›οΈ Use Atomic Red Team to validate security controls? Test detection coverage? Emulate adversary behaviors? Share how you use the project, suggest new tests, and ask questions at our new subreddit! www.reddit.com/r/atomicredt...

11.06.2025 15:43 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
All about that baseline: Detecting anomalies with Surveyor | Red Canary The Surveyor open source tool can help organizations establish a baseline of their environment, verify activity, and investigate anomalies.

πŸ’« @redcanaryco.bsky.social has a handful of helpful free, open-source tools, including Surveyor, which can help orgs establish a baseline of their environment and in turn, detect potential anomaliesβ€”like unsanctioned RMM tool usage that can be abused for initial access: redcanary.com/blog/threat-...

05.06.2025 15:20 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Take a bad thing and make it worse

20.05.2025 18:02 β€” πŸ‘ 26    πŸ” 8    πŸ’¬ 3    πŸ“Œ 0

We have two. The Hario Blue Bottle one which looks nice and fits easily in the fridge but doesn't make that much and the OXO, which we use more often but makes a bunch but takes up a bit of room on the counter.

08.05.2025 18:29 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Haim industrial complex is working overtime this year.

28.04.2025 19:54 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Cybersecurity metrics that matter (and how to measure them) | Red Canary Which cybersecurity metrics should SOC teams be tracking to measure their success in detecting and responding to threats?

Median time to respond. Mean time to respond. Mean time to acknowledge. Time-based metrics can be misleading and problematic, whether you’re consuming or creating them. redcanary.com/blog/threat-...

24.04.2025 14:43 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
ATT&CK v17: New Platform (ESXi), Collection Optimization, & More Countermeasures By: Amy Robertson and Adam Pennington

New ATT&CK @attack.mitre.org version (v7) includes ESXi + four new techniques designed for it, expanded cloud security + Linux coverage, new mobile techniques: medium.com/mitre-attack...

23.04.2025 13:10 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Finally finished The Antidote. Fitting to end with a Land Lost Acknowledgement.

18.04.2025 02:12 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Lana Del Rey - Henry, come on (Audio)
YouTube video by Lana Del Rey Lana Del Rey - Henry, come on (Audio)

New Lana song titled something I say literally everyday: www.youtube.com/watch?v=nDYY...

11.04.2025 18:39 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
The RSA Conference talks worth catching in 2025 | Red Canary How AI agents can help purple teaming, inside the stolen credential ecosystem, and more: We read through the RSA agenda so you don't have to.

Did a deep dive on this year's #RSAC schedule (500+ sessions!) for Red Canary and found what I thought were some interesting talks on adversary emulation, detection engineering, and yes, AIβ€”it's unavoidable! redcanary.com/blog/securit...

03.04.2025 17:45 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Feral hogs are hard to catch, trappers are trying to outsmart them Ever since they were introduced, feral hogs have spread to 35 states. Now, farmers think of the intelligent pigs as a menace and trappers are trying to outsmart them.

Heard a great story about the always fascinating feral hog on @npr.org yesterday. Not a problem here but wild they cause $2.5 billion in damages every year: www.npr.org/2025/03/25/n...

27.03.2025 12:25 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

@chrisbrook is following 20 prominent accounts