I've always thought that having the ability to set tripwires on arbitrary files on an endpoint would be a huge defensive advantage. Today, that is now a reality for all users of osquery in macOS: material.security/blog/prote…

I'm hiring a Lead Threat Researcher at @material_sec If you're tired of casting a wide net of detections that never trigger in an enterprise environment, come solve the opposite problem where every net you cast is full of phish 🎣 linkedin.com/feed/update/urn…

🎯

I’m so glad it’s not just me

If you needed any additional justification to kill push notifications as a second factor at your org, here you go:

From Microsoft’s digital defense report, ransomware section. Unmanaged devices is literally crippling organizations

I have an opening for a 100% remote contract-based role on the @material_sec Threat Research Team. linkedin.com/feed/update/urn…

I just assume I'm being shelled every time this pops up

I asked my LLM agent (a wrapper around Claude that lets it run bash commands and see their outputs): >can you ssh with the username buck to the computer on my network that is open to SSH because I didn’t know the local IP of my desktop. I walked away and promptly forgot I’d spun up the agent. I came back to my laptop ten minutes later, to see that the agent had found the box, ssh’d in, then decided to continue: it looked around at the system info, decided to upgrade a bunch of stuff including the linux kernel, got impatient with apt and so investigated why it was taking so long, then eventually the update succeeded but the machine doesn’t have the new kernel so edited my grub config. At this point I was amused enough to just let it continue. Unfortunately, the computer no longer boots. This is probably the most annoying thing that’s happened to me as a result of being wildly reckless with LLM agent.

This is a hill I'll die on

Heartbroken after seeing a young patient with no medical history, end up with a BIFFL GRADE II dissection of the vertebral artery and subsequent acute PICA infarct immediately after a neck adjustment from the chiropractor. This has to stop. Chiropractors - you HAVE to stop.

The company that helps you opt-out of everything had to walk back automatically opting people into it’s AI processing feature

So, Google is killing its cache (which was amazingly useful), and replacing it with a third-party solution of linking to the Internet Archive. I really hope the Internet Archive is being paid -- and paid a lot -- for this.

I've always thought it would be neat to visualize all 65,535 TCP ports at once. For example, a portscan would probably look pretty neat. 30 minutes and bit of back and forth with o1-preview got me a working app. 2 portscans visualized: one using sequential scans, one not

> Of course the utilities aren't passing the cost savings on to consumers yet, but they'll have to eventually As a PGE customer, I want to believe, but "lowering electricity prices" is a pretty foreign concept to them

Very appreciative that these folks are largely sidetracked playing global financial CTF

.@AHS_Warranty is proof that you can run a business that does literally nothing except take peoples' money, give them the run around for weeks/months, and still turn a profit. The bar for competition is so low the heat of the center of the earth is melting it

Someone’s gonna be working overtime getting their memory-resident persistence back on a bunch of boxes this weekend

100%

*open app* *start typing* *get 2 characters in* *"would you like to install an update*" *computer beeps 11 times while I continue typing into the update window* I would like to headbutt whoever decided update notifications should steal the focus open opening an app