fyi for the new followers i’m not really using this thing. find me on LinkedIn if you want to chat. bye!
22.11.2024 15:49

@jshlbrd.bsky.social
infosec person: detection and response, threat hunting, distributed systems. would rather be eating a bagel.
the environments and art direction is really good
05.06.2023 16:08

thought about making one but i think you have to manage a database, so i noped out
30.05.2023 21:30

when vendors give me a new feature to test
21.05.2023 18:06

it’s ORD for me
18.05.2023 01:37

somehow after 4 hours i still don’t have a shirt / tunic? my link is running around more than half naked. 🤣
17.05.2023 14:00

tbh that sounds a-ok
12.05.2023 22:49

ended up needing to drop off early but solid conf overall, would be great to be there in person sometime
12.05.2023 21:12

demo / walkthrough of the redline builder was 🔥 but then the stream cut out
12.05.2023 19:48

this talk is dropping hot IOCs, especially those github dorks
12.05.2023 19:39

deep dive on redline stealer backend, this stuff really highlights the nuances between cybercrime and nation state actors
12.05.2023 19:32

unfortunately missed most of the venom spider talk but love seeing the OSINT, that was some of the most interesting stuff from when i was at CrowdStrike
12.05.2023 19:17

missed half the lightning talks due to work work
12.05.2023 18:54

here’s the blogpost from Jamf on the macOS activity
12.05.2023 17:59

TA444 using AppleScript and shell commands to drop payloads on macOS
12.05.2023 17:58

TI at COIN talking about approval farming campaign that leveraged cloudflare, trojaned open source wallet apps, distributed on github and can be tracked by signer
12.05.2023 17:47

phat panda is my rap name
12.05.2023 17:36

didn’t realize this is lightning talks till just now ⚡️
12.05.2023 17:30

authenticode signatures, this talk is focused on solar marker (not familiar with this one!)
12.05.2023 17:24

It’s alive! Joe Wise and I have been working on answering the question: What the heck is going on in the ecrime threat landscape post macros? Spoiler: chaotic vibes
https://www.proofpoint.com/us/blog/threat-insight/crime-finds-way-evolution-and-experimentation-cybercrime-ecosystem
LB.SB might be the successor to Breached, but seems like it’s still too early to tell
12.05.2023 16:14

data on actual sale price v list price seems inconclusive, probably due to lack of visibility and lack of trustworthiness (of sellers)
12.05.2023 16:12

fin, gov, and tech were most popular content sold
12.05.2023 16:04

wow, prices by sector for sold data – top 3 are aerospace, health, and entertainment
12.05.2023 16:03

sounds like there was a correlation in forum chatter by language to leaked data affecting specific countries, otherwise EN was predominant language
12.05.2023 15:59

some low-level data analysis on forum data, this is worth watching later
12.05.2023 15:53

CrowdStrike crew talking about Breached
12.05.2023 15:49

affiliates will straight up give intel to extortion targets (or in this case, extortion negotiators)
12.05.2023 15:36

used to have heavy vetting for affiliates, but less so now. speaker describing how they had to “ask for the manager” when dealing with an affiliate, who turned out to be scamming the RaaS leader (avaddon).
12.05.2023 15:24