"When day comes, we step out of the shade, aflame and unafraid. The new dawn blooms as we free it. For there is always light, if only we’re brave enough to see it. If only we’re brave enough to be it."

Today I learned so much from @eastsidemccarty about how to hunt for supply chain attacks. Thank you so much for sharing your knowledge. Thanks @BSidesMelbourne for organising the different training sessions for everyone to learn from each other.

All EZ Tools have been updated! New version is 2026.5.0 across the board. Nuget updates, control updates, bug fixes and general refreshing of everything. Enjoy!! #dfir

😆😂💜

This local Wolfdog joined an Olympic ski event and triggered the finish-line camera. This is Nazgul. He snuck into a cross-country skiing sprint this morning and raced the homestretch with some competitors before being escorted home. 14/10 someone get him a medal

🚨Call for Training is OPEN! 🚨 Training more than just teaching a topic, it’s a way to stretch ourselves, learn something new, and help others reach new goals by sharing our knowledge. That’s the magic of the BSides community. 👉 Submit here: bsidesmelbourne.com/2026-cfp…

🥁 EXCITING NEWS - Our CFx's are now open 🎉 - Call for Papers - Call for Training - Call for Villages Visit our website for details - bsidesmelbourne.com If you are stuck, or would like to run your idea past one of the committee members, please feel free to reach out.

Exciting news! 👏 BSides Melbourne crew kicked off 2026 planning last week. There have been a lot of questions regarding dates, Call for Papers, Training & Villages, Volunteers, Tickets and many other exciting events. Happy Monday 🎉 #BSidesMelb2026

.@IHGOneRewards .@IHGhotels Is this how you reward your loyal members?

Malware Noob Month Post #7 There are different types of reverse engineering. Each play a critical role in malware reverse engineering and detection engineering. The most widely known is what I would define as "standard" reverse engineering. This is attaching a debugger to a running process (i.e. x64dbg) and watching what the program does as it's running. Another common method for reverse engineer is "static reverse engineering". Static reverse engineering is looking at the program while it's "on disk", in other words, staring at it while it's not running. People usually use Ida or Ghidra. A third method for reverse engineering is "emulation", "sandboxing", or "triaging". They all kind of mean the same thing, all maybe a little different if you want to get really nitty gritty on the details. This type of reverse engineering is detonating (running) the program in a virtual machine (or special environment) and recording everything that the program does. Each method listed has a strength and weakness. Emulation is really good at doing the job quick and dirty. If you use emulation tool suites, like Triage or AppAnyRun, you can very quickly get a high level overview of what the malware is doing, where it's connecting to, etc. Additionally, these tool suites usually have built in rules to automatically detect the malware family (if applicable). However, these tool suites cannot detect everything and it's possible for malware to fall between the cracks and evade emulation. Static reverse engineering, using Ida or Ghidra, is also really good. You can review the malware before it tries performing evasive actions. The primary issue with this method however is that if the malware obfuscates itself on-disk (encryption, it's packed, etc) this method can challenging. "Standard" reverse engineering is probably the most difficult form of reverse engineering. It requires you to have a good understanding of Assembly. However, this method is the most superior. Once you're comfortable with assembly and the debugger you're using, it makes it extremely difficult for malware to "evade" the reverse engineer (some non-noobs probably feel tempted to mention LLVMs, don't). Regardless, it is impossible for malware to evade all of these methods. It is possible to develop malware that makes it challenging to reverse engineer, but ultimately a dedicated (or skilled) reverse engineer will figure it out. Malware authors must constantly evolve their malware code (update it, use new methods, introduce additional layers of complexity) to hinder reverse engineers. If they do not do this, reverse engineers will have developed methods to detect the malware and it's basically game over. Large scale malware campaigns are constantly changing the malware code base, delivery mechanism, etc. to ensure the malware can "survive". Likewise, anti-malware companies and reverse engineers must constantly monitor malware campaigns, keep reverse engineering them, and updating their strategies to detect them. It's a game of cat and mouse.

Malware Noob Month Post #8 What is "undetectable malware"? Well, it doesn't really exist. Kind of. There has been discussions of governments (United States, Russia, China) which had malware active for long durations of time and not getting caught. For example, Russia's "Woodchipper" was undetected for years. The secret is "tailored" malware. Malware campaigns are caught and tracked all the time because Threat Actors want their malware on as many computers as possible. The more "noise" these groups make, the more machines they infect, the more anti-malware companies can see. However, specially crafted malware, designed for unique systems, unique environments, with a very specific goal in mind, can go undetected for A LONG time. Once a malicious program has made its way onto the target... And it's nowhere else in the world... How can anyone know it exists? In these scenarios the chance of the malware being detected boils down to luck and/or fate. For example, the United States government malware "Stuxnet", which targeted Nuclear Centrifuges, was caught by complete accident. That is a long story I highly recommend you read (or maybe look it up on YouTube, maybe a video exists about it) In summary, the more machines infected the more likely you'll be detected.

IT security today

The Katter Platter 🤣

Just like that #DEFCON33 is over. Many thanks to our speakers & volunteers for your time & effort. We're grateful to our Blue sponsor @Graylog2, Platinum sponsor @hackthebox_eu, and Gold sponsors @FlareSystems, @tryhackme, DeepTempo & @acybrguru. Until next time! 💙

On our street, everyone is welcome. Together, let’s build a world where every person and family feels loved and respected for who they are. Happy #PrideMonth!

Volkis is now on BlueSky! 🦋 Come and follow us: bsky.app/profile/volkis.au

Look who got to attend the inaugural BSides Ballarat. Droppy the #infosec cyborg dropbear! This is their 2nd #cybersecurity conference this year. Thanks to all the organisers, volunteers & sponsors of this conference who make it possible for everyone to learn from each other. 😍

We’re hiring Vulnerability Researchers at @infosectcbr that specialise in Linux, OS kernels, Android, and embedded/IoT. With a world class hardware lab, come join our friendly and collaborative team, focusing on research against leading technologies. DM for details.

Exploit devs and professional vuln hunters: How many false positives from a tool are you willing to go through to find one real, exploitable, vulnerability? Assume triage of each bug report at least 10 minutes. (Please RT for reach)

I’m speaking up in support of @C_C_Krebs & @SentinelOne Cybersecurity should be a non-partisan issue that unites us in our shared mission to defend our country. National security can’t afford the chilling effect on both public & private sector lutasecurity.com/post/in-sup…

Hackerfam, it's time to show up. @d0ublebind is taking his final flight, and we have one last mission: help him land with love, dignity, and peace. He's one of my oldest friends in this community and has always made me laugh, and feel welcome. gofund.me/342a7a90