hacking stuff sometimes. flow state addict, IoT/things pentester. views=my own.

Joined August 2015
I voted in #FatBearWeek. The biggest bears at Brooks River in Katmai can weigh 1,400 pounds. FatBearWeek.org

decidedlygray retweeted
A threat actor installed Huntress. ... a hysterical mistake on their part, giving us first-hand insight to their tooling, workflow & routine. Phishing infra, stealer logs, Telegram dark web sites, AI... Hilarious goldmine of cybercrime deets with a front row seat: huntress.com/blog/rare-look-…
decidedlygray retweeted
20 Jul 2025
If you want to quickly evaluate if you are exploitable: github.com/LuemmelSec/Pentes…
We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 CVE-2025-49704 used by @_l0gg to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange
Hey @HomeDepot - knock it off.
decidedlygray retweeted
hOw dO I gEt a JoB in InForMaTioN sEcurIty Just apply or something damn it's not that crazy
decidedlygray retweeted
🔖Cybersecurity Conference Presentation Slides 🟢Black Hat USA 2024 🟢REcon 2024 🟢Offensivecon 2024 🟢Blackhat Asia 2024 🟢Blackhat Asia 2023 🟢Offensivecon 2023 🟢Blackhat USA 2023 🟢Recon 2023 🟢Blackhat Europe 2023 github.com/onhexgroup/Confer…
decidedlygray retweeted
14 Aug 2024
MSRC fixed an RCE bug in the TCPIP module. I found the bug several months ago. Its score is 9.8 and exploitation is more likely. Please apply the patch immediately.
decidedlygray retweeted
14 Aug 2024
lol
decidedlygray retweeted
This morning the National Crime Agency of the United Kingdom announced and released footage of the arrest of 'J.P. Morgan'. 'J.P. Morgan's' real name has not yet been officially released by the National Crime Agency. J.P. Morgan and his associates have been actively monitored by the United States Federal Bureau of Investigation and United States Secret Service since 2015. J.P. Morgan is believed to be a key player behind Reveton Ransomware Group, Ransomware Cartel, and Angler Exploit Kit which has resulted in the extortion of millions of dollars all across the globe. Angler exploit kit was often used to deploy CryptXXX, CryptoWall, and other strains. At its peak, it's suspected over 100,000 devices were infected by Angler Exploit Kit, bringing in a revenue of around $34,000,000. J.P. Morgan's arrest coincides with the arrest of Belarus national Maksim Silnikau a/k/a 'Maksym Silnikov', 'xxx', 'J.P. Morgan', and 'lanksy', in Poland. Indeed, you read this correctly, Maksim Silnikau also operated under the moniker J.P. Morgan – two people are J.P. Morgan. Furthermore, charges have been brought against two more individuals who are believed to operate with J.P. Morgan and Silnikau. Vladimir Kadariya, a 38-year-old citizen of Belarus and Andrei Tarasov, a 33-year-old citizen of Russia. These 4 individuals operated malvertising campaigns (i.e. Angler) which are believed to have impacted over 500,000,000 people across the globe. The National Crime Agency identified physical offices for their malvertising campaigns located in Ukraine under the business name 'Media Lab'. August 9th, the Ukraine Cyber Department of the Security Service conducted 15 raids on employees tied to J.P. Morgan and co. Media Lab company. Two more raids took place on August 9th related to J.P. Morgan and co. in Singapore and Portugal in collaboration with the Singapore Police Force and Portugal Judicial Police. In Singapore, the infrastructure for Ransomware Cartel was seized.
In Portugal, another unnamed individual was raided – believed to be an associate of J.P. Morgan and co. The National Crime Agency stated over 50TB of evidence has been seized.
decidedlygray retweeted
How to fix the Crowdstrike thing: 1. Boot Windows into safe mode 2. Go to C:\Windows\System32\drivers\CrowdStrike 3. Delete C-00000291*.sys 4. Repeat for every host in your enterprise network including remote workers 5. If you're using BitLocker jump off a bridge
decidedlygray retweeted
Note this will not work if your machine is bitlocker encrypted without getting the recovery key for each machine...
19 Jul 2024
Crowdstrike fix. May the force be with you. Always.
decidedlygray retweeted
IT teams waking up this morning
decidedlygray retweeted
Crowdstrike Analysis: It was a NULL pointer from the memory unsafe C language. Since I am a professional C programmer, let me decode this stack trace dump for you.
decidedlygray retweeted
CrowdStrike has performed the largest ransomware attack in history. Accidentally.
decidedlygray retweeted
Today’s CrowdStrike outage must be the most comprehensive blocking of APT activity in the company’s history.
decidedlygray retweeted
23 Jun 2024
Anthropic has taken the lead. The new Claude 3.5 Sonnet model is in a league of its own. 11 impressive demos of the new model:
decidedlygray retweeted
24 Jun 2024
This is fast. Chrome running Gemini locally on my laptop. 2 lines of code.
decidedlygray retweeted
24 Jun 2024
We found a Remote Code Execution (RCE) vulnerability in @Ollama - one of the most popular AI inference projects on GitHub. Here is everything you need to know about #Probllama (CVE-2024-37032) 🧵👇
decidedlygray retweeted
Yesterday Lockbit ransomware group claimed to have ransomed the United States Federal Reserve. 1. Doubt 2. If Lockbit ransomware group actually ransomed the United States Federal Reserve it would be DEFCON 2 and the administrators would need to worry about a drone strike