I'm not that person but this is my favourite diagram for OSI

One of my dear friends @cybersecstu (who has managed CTI a tonne of innovative security programs/initiatives for multiple Telcos and organisations) has turned his book-to-be on Cyber Threat Intelligence into a series of articles for the community! Read it, send him some love!

Check out the latest trick North Korea is using to gain access to companies. DPRK employment fraud has been a persistent issue for most tech companies for the last several years. They use decent fake IDs. They can pass basic background checks. They have different approaches for working off your company laptops without you seeing that they are overseas. But they are usually very uneasy about being on camera. So this was the obvious next step. Anyone who’s used TikTok knows the live filters they have are much better than what’s on display here. And the “put your hand infront of your face” trick isn’t a problem. This specific instance has not been proven to be DPRK yet. But, as someone who has delt with it a bunch, this has signs it probably is.

I’m gonna give 10 random people that repost this and follow me $25,000 for fun (the $250,000 my X video made) I’ll pick the winners in 72 hours

THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic

I’ve had people asking for a solid year about this but had to keep my mouth shut. Here is your answer about OMG Cables and new 🍎 phone

So I've been just been briefed on a very disturbing trend of events that I think everyone should know. Ransomware attackers have been targeting legal firms quite heavily in the last 6 months or so. I thought this was because pretty poor security, but there's much more. A 🧵

Two racks. My friends, it fits in *two racks*. I love the cloud as much as the next person, but $7m over five years to run a workload that will fit in *two racks* makes me want to sleep for a year. Fully automating two racks was not hard. world.hey.com/dhh/we-stand-t…

Don't like the views metric. It's distracting and serves no purpose other than to encourage people to tweet more. Serves Twitter but not users. Should give users ability to turn it off. Also, what is a view? Just that it showed up in someone's feed or was embedded in an article.

After a few days of collection, I analyzed over a million lines of results and found an autorun entry using legitimate install of javaw.exe to launch a randomly named file in the user directory, which turned out to be a Java RAT missed by multiple engines. virustotal.com/#/file/08bd92…

Emotet asks targets to copy the spreadsheet to these folders as they are 'trusted' by Microsoft Office. When a file is launched from these folders it bypasses the Microsoft Office Protected View security feature, allowing macros to automatically execute without warning.

My only cybersecurity career goal is to learn how to spell “reconnaissance”

Here’s my quick an dirty lab workout for Detection Engineers. I do this work out 2 to 3 times a week for about 2 hours. #CyberSecurity #infosec #BlackTechTwitter

“Apple is finally winning” Wow. Big call.

15 years ago my PhD advisor taught me One Weird Trick for editing your own writing. Edit **back to front**, paragraph by paragraph. I still use it and it still surprises me how well it works. When I get my students to do it, it often blows their minds. Try it!

Bump in time for @DDLSTraining at @AISA_National CyberCon 😊

William Shatner on his Blue Origin flight to space: "It was among the strongest feelings of grief I have ever encountered." variety.com/2022/tv/news/wil…

ICYMI, threat actors on multiple underground forums are sharing around a copy of a cracked version of Brute Ratel (aka BRC4), brace for attacks "bruteratel_1.2.2.Scandinavian_Defense.tar.gz" virustotal.com/gui/file/591c… h/t @darkcoders_mrx for the pic

lmao the official nintendo splatoon 3 port forwarding guide just says "open ports 1 - 65535" thats all of them. that is all of the ports.