Breaker of software | VP R&D @hunterstrategy | CTI/DFIR | @ians_security faculty | Bookings: jake at malwarejake dot com | GSE #150 | He/him

Joined September 2009
13,141 Photos and videos
Pinned Tweet
Let's not mince words: * If you don't support trans people, you're a bad human * If you have to add caveats to your support (e.g. "as long as my kids don't see"), you're one of the worst kinds of human * Trans deserve your *unconditional* support for their humanity
Jake Williams retweeted
Imagine AWS announcing in 2017 that EC2 instances would run invisibly slower if it detected you were building a competing cloud. Anthropic just shipped exactly that for Fable 5 and called it a safeguard.
Anthropic says Fable 5 has invisible safeguards that use prompt modification, steering vectors, or PEFT to limit its effectiveness for frontier LLM development (@maba_xr / The Decoder) (Visit Techmeme dot com for the link and full context!)
Jake Williams retweeted
AI will only take your job if you let it. I’ve been in the cybersecurity industry for over two decades. We’ve been told the industry will eat itself every year at RSA/BH, this narrative comes from analysts/marketers backed by VC funds in a never ending Ponzi scheme. 🧵
Classifiers are clearly tuned for anything cybersecurity related and not just offensive cyber.
My first question to Claude Fable was to audit my biggest prod database to make it as secure as possible and to let me know any changes we should make to secure it further. It immediately told me I can't do that. So it looks like Fable is just for making fun stuff that you don't have to secure. I tried wording it multiple different ways. Seems like a great model, I'd love to try it @AnthropicAI
Local LLM aficionados: what setup are you using on Apple silicon to run a local model with tools for web search and reading documents? I'm on an M5 Max with 128GB unified memory, so I should be able to run about anything.
Jake Williams retweeted
My top 5 men IMHO in cybersecurity who support and mentor women: @RayRedacted @MalwareJake @robertgraham @TheOnlyMike_E @HackingDave Thoughts or post your own list 🙂
This is absolutely amazing. This non-profit printed out the Epstein files (at least those released to date) and made a reading room that they're bringing to DC. Totals 3437 printed and bound volumes. I donated to keep this very important project going. trumpsonian.us/rr
ZOMG after I wrote this about another app while on hold with a customer service rep, I got off the call and Google asked me to review the *phone app* - an application that I cannot uninstall - on a Pixel, their own freaking hardware. The Jetsons promised me robots and flying cars, not this...
Dear app developers, I have never had the desire to review an app. Prompting me to leave a review does not make me want to do it any more. Making me click multiple times to dismiss your "nudge" and get back to using the app just makes me want to uninstall it. Sincerely, Every smartphone user ever
I am officially old :(
Replying to @techspence
@MalwareJake did a talk 10 years ago about similar priv esc on Linux using cron, scripts with weak permissions, etc. Always useful and often forgot about. I still go back to it every once in a while youtu.be/kuE2yqULs-Y?t=1257&…
Woof. Insider threat anyone?
ai layoffs are getting out of hand so I built “I GOT FIRED” button 🚨 one click, and it makes entire company codebase public, pushes .env secrets to public repo, drops staging db and finally notifies my lawyer 🙂 I hope I never need it but it’s ready 👍🏻
Jake Williams retweeted
I wrote this in response to a reply, but wanted to share it more generally. Many years ago, when I was starting in security, I was involved in a situation with a podcast where I was being mistreated in a very gendered way. Literally, the man who had done the same thing faced zero consequences, whereas I was banned from the premises and no longer allowed to work on the show. @strandjs was the only person involved who stood up for me, and even pointed out the gendered discrimination of it all. That meant a lot to me.
Jake Williams retweeted
Hey infosec folks, if you don't mind... can you give this a read? I still have mad respect for @shenetworks I still have mad respect for @BHinfoSecurity Two things can both be true. I'd like to share some info about my departure from BHIS 🧵
There has been a lot of talk about BHIS and our maternity and employment policies. Please check out the following site for more details. blackhillsinfosec.com/bhis-e… Thanks!
Jake Williams retweeted
Replying to @MalwareJake
Yea, I'm less willing to assume someone was trying to hurt anyone, more the ball was dropped somewhere and legal needed a cop out. People were likely harmed due to bureaucratic nonsense and unfulfilled paperwork adjustments. Not a good look for anyone, worthy of a reputational hit when it happens. Which is why testimony like this is needed. Getting folks to stop assuming bad intentions, like myself, is going to require this kind of input.
I've seen some of the things behind the scenes that John and BHIS have done for employees over the years. FAR above and beyond most firms even multiple times their size. I know several employees John bent over backwards to accommodate who would have been released anywhere else.
Malicious compliance.
A marketing director discovered that P1 Critical tickets have a 15-minute response SLA. He started logging all his routine tickets as P1. Yesterday he submitted a P1 because his wireless keyboard needed new batteries. According to our enterprise SLA, P1 incidents require an immediate, continuous all-hands bridge call until resolution. He submitted the ticket at 11 PM. I initiated the emergency bridge. Our automated system dialed his cell phone, his desk phone, and his emergency contact. It woke up his wife. He joined the call in a panic, asking what was on fire. I told him we were assembled to resolve his critical keyboard outage. I asked him to describe the battery compartment. He hung up. Our SLA policy states that if the user disconnects from a P1 bridge, we must call them back immediately. I called him back. He asked me to downgrade the ticket. I told him P1s can only be downgraded after a post-incident root cause analysis. He buys his own batteries now.
Georgia: where they know how to spell Walmart, but not Saturday...
Jake Williams retweeted
Tired of phishing? Not getting results with brute force? Just exploit a mid-tier app role, add a federated domain, forge a SAML token, and you're a Global Admin. This is the Entra ID attack path that should be keeping security teams up at night. Full breakdown on the Hunter Strategy blog: f.mtr.cool/glrzdfiqdb #EntraID #IdentitySecurity #CyberSecurity #InfoSec
Sad to see an org I was so involved with for so many years taking nearly $500k in blood money from ICE. Seriously disappointed with @SANSInstitute today. I get that the economy is bad and sales are hurting. But taking money from ICE is *a choice*. sam.gov/workspace/contract/o…
Yay cloud...
Another zero day exploit released by some nerd (can't remember name right now) because they're annoyed with Microsoft. It's been confirmed by other nerds. It is yet another legit zero day. Whew. github.com/Nightmare-Eclipse…