lmao I can't stop laughing claude-code has a "Frustrated User Detection" There's a regex that detects when you're angry ( fully hard coded btw) When triggered, it changes Claude's behavior/UI state. Claude literally knows when you're cussing at it.

"Offense and defense aren't peers. Defense is offense's child." - @JohnLaTwC We built an LLM-powered AMSI provider and paired it against a red team agent. Then, @0xdab0 wrote a blog about it: dreadnode.io/blog/llm-powere… A few observations from the experiment: >>> To advance, we must generate unique, ground-truth datasets. >>> Defenses will need to live at the edge. >>> The real potential lies in the interaction between red and blue. >>> This is a blueprint for generative adversarial reinforcement learning.

Absolutely killer research by Matt Graeber on the @redcanary blog this week about compromising (and defending) Azure OpenAI resources. redcanary.com/blog/threat-de…

We analyzed @redcanary detection data from the first half of 2024 to produce a Threat Detection Report midyear update focusing on a trend (identities) and a few emergent threats and techniques. Useful insight for everyone from the SOC to the CISO's office: redcanary.com/threat-detecti…

.@Scott_Wiener continues to falsely claim narrow opposition to SB 1047. When in reality there is massive public outcry across research, academic, public and private business and finance. Here is a mega roundup of recent announcements that fully debunk the Senator's claims 🧵

An important question looms in the infosec conversation about AI: Will generative AI tools better benefit defenders or adversaries? Lifted from the trends section of our 2024 Threat Detection Report, here’s how we score the fight redcanary.com/threat-detecti…

Great news, everyone! @redcanary's 2024 Threat Detection Report is officially live! I've read it three times, and it's our best yet. Every section is worth your time, but I'm going to post my personal highlights in the thread. redcanary.com/threat-detecti…

Can GenAI improve security operations? Our GenAI lead @AstleJimmy examines the foundations of GenAI success and how we at Red Canary use GenAI in our security operations workflows. redcanary.com/blog/genai-sec…

This is interesting research that's worth reading. I'd encourage readers to also consider what's NOT here - these groups didn't use LLMs to make new malware or find zero-days. They used them to help research and write scripts. I'm not panicking about this...

Amazon has an overwhelming number of interconnected security and identity products for AWS. A handful of us at @redcanary tried to make sense of the madness by writing a visibility and observability guide with collection tips for logging and detection. redcanary.com/resources/guid…

This Wednesday - join some smart peeps to learn more about common AWS and Azure techniques! Spoiler alert: yes, T1078.004: Cloud Accounts will make an appearance. 😀 redcanary.com/resources/webi…

To the cloud! The Detection Series returns as cloud security experts from @Lacework, @MITREattack, and @RedCanary explore how adversaries compromise and navigate their way through Azure and Amazon Web Services (AWS) cloud systems. redcanary.com/resources/webi…

Happy Friday! We just opened a role for a Senior Manager on our Intelligence Team - this role reports directly to me. We're looking for a strong people manager with a threat intelligence background. US-based only. jobs.lever.co/redcanary/19b9…

Its fascinating that companies are willing to give you free access to a GPT model on their cooking websites. GPUs everywhere are weeping. Shipping production GenAI software with security in mind is such a fascinating topic these days.

VMW Carbon Black TAU discovered 34 unique vulnerable WDF/WDM drivers (237 file hashes), including ones made by major chip/BIOS/PC makers. By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate OS privileges. blogs.vmware.com/security/20…

Yes, we have Senior and Principal Threat Hunter roles open! redcanary.com/job-openings/