@iagox86.bsky.social
Principal Security Researcher at GreyNoise. https://skullsecurity.org Mostly post about work stuff, maybe some improv stuff and maybe even magic some day. Seattle-based (originally Canadian), queer, cybersecurity nerd. (He/him)
GreyNoise has linked three concurrent campaigns targeting remote-access technologies β Palo Alto login attempts, Fortinet SSL VPN brute-forcing, and Cisco ASA scanning β all partially driven by the same threat actor(s) [High Confidence]. Full analysis π #Palo #Cisco #Fortinet #ThreatIntel
08.10.2025 22:00 β π 7 π 2 π¬ 0 π 0Pretty sure that's fake
09.10.2025 03:40 β π 0 π 0 π¬ 0 π 0
Palo login attempts are escalating, potentially driven by iteration through a large credential dataset. GreyNoise is sharing observed usernames/passwords for defender review.
π Latest: www.greynoise.io/blog/palo-al...
#PaloAltoNetworks #ThreatIntel
Also outright malicious repos.. I report them all the time and they only rarely get removed
06.10.2025 18:41 β π 2 π 0 π¬ 0 π 0
NoiseLetter, but make it fashionably late... π We were at our company offsite, but we're back with our new GreyNoise MCP Server launch, Cisco ASA zero-day and VPN brute force insights, plus upcoming events, let's get into it!
06.10.2025 17:19 β π 7 π 3 π¬ 0 π 0
GreyNoise observed a ~500% surge in IPs scanning Palo Alto Networks login portals on October 3, 2025 β the highest level weβve seen in 90 days. Read our full analysis here π #PaloAltoNetworks #PaloAlto #GreyNoise #ThreatIntel #PANOS
03.10.2025 21:01 β π 4 π 4 π¬ 0 π 0
On 28 September, GreyNoise observed a sharp one-day surge in attempts to exploit Grafana CVE-2021-43798. Full analysis & malicious IPs β¬οΈ
#Grafana #GreyNoise #ThreatIntel
Calling it "World War I" was just asking for trouble
01.10.2025 22:59 β π 8 π 0 π¬ 0 π 0GreyNoise now has coverage for Cisco zero-days CVE-2025-20333 and CVE-2025-20362. Watch for exploit attempts in real-time:
CVE-2025-20333 (Net new): viz.greynoise.io/tags/cisco-a...
CVE-2025-20362 (Updated tag): viz.greynoise.io/tags/cisco-a...
#CiscoASA #ZeroDay #CVE202520333 #CVE202520362
They're trying so hard to brand it as "democrat shutdown" that it just comes off as whiny and pathetic
But they've also bought all the media so it might even work :(
Everything I know about that movie is from the book Box Office Poison, but it made me want to watch it!
01.10.2025 16:48 β π 1 π 0 π¬ 0 π 0Creating a password requires entropy, and entropy is slowly killing the universe. Why do you want me to kill the universe??
01.10.2025 16:46 β π 3 π 0 π¬ 1 π 0At least they didn't say "some experts believe ..."? Low bar, I know..
01.10.2025 15:41 β π 0 π 0 π¬ 0 π 0I was getting my (second shot of 3) Hepatitis B vaccine yesterday, and the nurse administering it asked if I knew where/how to get the COVID booster
Was it REALLY necessary to throw a ton of confusion into the vaccine situation??
I've learned never to underestimate them
29.09.2025 20:00 β π 1 π 0 π¬ 0 π 0My thoughts exactly!
29.09.2025 17:11 β π 0 π 0 π¬ 0 π 0
How Ruby went off the rails: A deep dive into the ownership and governance drama of some of the most important open source projects in the world
www.404media.co/how-ruby-wen...
Gabriella Lester and her volunteer
"It's my fault, I asked if you could read, not if you could count" "if I could count I wouldn't have had four children"
--Gabriella Lester and her volunteer at Scoopfest
@heyscoops.bsky.social
"Some have criticized the officer who dropped the weapon for not handling it properly" can our media please give up this passive language bullshit? He clearly different handle it properly, you're allowed to take an editorial stand
27.09.2025 02:55 β π 4 π 0 π¬ 2 π 0
Michael Goudeau eating a tomato while juggling
Michael Goudeau getting into a trashbag
Couple more
26.09.2025 22:54 β π 0 π 0 π¬ 0 π 0
Michael Goudeau juggling tomatoes
Michael Goudeau wondering how tall the room is
Michael Goudeau with a rubber band in his hair
Michael Goudeau passing clubs
Wow, Michael Goudeau performed at Scoopfest! I didn't think I'd ever get to see him perform!
@heyscoops.bsky.social
Sept 25: Cisco disclosed two ASA/FTD zero-days (#CVE-2025-20333, #CVE-2025-20362).
Weeks earlier, GreyNoise saw 25k IPs scanning ASA β another case of recon surges preceding disclosures.
Read the update: www.greynoise.io/blog/scannin...
#CiscoASA #ZeroDay #Cisco
My feed this week is a mix of Scoopfest (improv/magic/podcast stuff) and security.. makes me miss the old days before the world turned into.. this
26.09.2025 18:28 β π 2 π 0 π¬ 0 π 0
Matt shrink-wrapped
Matt and Nick Paul on stage
Nick Paul with his duplicating wine bottles
Nick Paul and @mindnoodler.bsky.social performing magic at Scoopfest!
@heyscoops.bsky.social
Lindsay Benner juggling knives
Lindsay Benner balancing cups on her head
Lindsay Benner with a ball in her mouth
Gary doing a book trick to introduce Lindsay Benner
Lindsay Benner and Gary @ Scoopfest! What a cool show!
@heyscoops.bsky.social
My strategy is to connect my phone to the hotel and my devices to my phone's mobile hotspot (assuming it can bridge)
We recently got a travel router to help solve this as well
I thought for sure that'd be X and it was why Musk was getting so cozy with the administration
26.09.2025 16:32 β π 2 π 1 π¬ 1 π 0
Pretty unfortunate update on Fortra GoAnywhere MFT CVE-2025-10035 from the folks at watchTowr labs.watchtowr.com/it-is-bad-ex...
25.09.2025 20:08 β π 1 π 1 π¬ 0 π 0
