Profile avatar
subtee.bsky.social
My posts disappear
82 posts 574 followers 268 following
Prolific Poster
Conversation Starter
Posts 38 Comments 11

Most people have never watched Bret Victor’s Inventing on Principle So they miss the audience appreciation when he shows us the value of say, time travel debugging This is why nation states win. We put in focus and energy Time travel debug is OLD news my friend. We’ve been doing it for years.

submitted 8 hours ago • 0 comments

Like me and 3 other analysts at CIA have watched Rick Steve’s visit to Iran… More of this. It’s people. Stop making it so abstract and difficult. Travel more? Talk to Iranians who live here? CIA has a horrible past, with Iran, but maybe we can repair? Not bomb. m.youtube.com/watch?v=CYoa...

submitted 10 hours ago • 0 comments

Watch Queenpins I was absolutely cackling out loud m.youtube.com/watch?v=v90Y... Just a low rated movie many of you would appreciate Coupon Fraud Like millions!! Watch it … it will lower your threshold for attacker IQ lol

submitted 11 hours ago • 0 comments

"A disgruntled IT worker who launched a cyber attack on his employer after he was suspended from work has been jailed." www.westyorkshire.police.uk/news-appeals...

submitted 22 hours ago • 1 comment

github.com/20urc3/golem

submitted 23 hours ago • 1 comment

I had three people I greatly respect offer kind and encouraging words to me this week, and it really meant a lot. Never underestimate the power or importance of encouraging others. You can have a tremendous impact on someone’s life with just a few kind words.

submitted 2 days ago • 1 comment

fwd:cloudsec is around the corner! Don't miss these 3 talks from Datadog researchers Seth Sec, Katie Knowles, Greg Foss, and Anthony Randazzo. fwdcloudsec.org/conference/n... @sethsec.bsky.social @siigil.bsky.social @gregfoss.com

submitted 2 days ago • 0 comments

It's not a Friday, but I released a video this morning. It's about something really nice that my friend Adam Shostack is doing. If you find yourself no longer employed by the Fed due to cuts, chaos, etc. Adam is offering you a free seat in his upcoming training. www.youtube.com/watch?v=fPpp...

submitted 2 days ago • 2 comments

Dan Geer and I write on lawfare about AI and code security : www.lawfaremedia.org/article/ai-a...

submitted 2 days ago • 1 comment

@scottpiper.bsky.social Looking for an extra ticket for someone for fwd:CloudSec Next week You know of anyone that can’t use theirs? Or can you point me to a good place to ask? Thanks! Looking forward to the event

submitted 2 days ago • 1 comment

I was interviewed by the National Cryptologic Foundation on forensics in critical infrastructure (and a lot of other stuff!) and it was a very fun chat. They have an interesting assortment of interviews on their podcast and I really recommend you check them out: open.spotify.com/episode/5kzz...

submitted 2 days ago • 0 comments

www.bleepingcomputer.com/news/securit... Whole Foods supplier UNFI restores core systems after cyberattack

submitted 3 days ago • 0 comments

It's impressive how much crypto theft can be automated using ChatGPT to monitor wallets and then automatically pluck out currency. North Korean hackers automate crypto crime with ChatGPT cointelegraph.com/magazine/cha...

submitted 3 days ago • 0 comments

Get out of the kernel.. Will be effective, right about when I’m read to retire in 15 years

submitted 3 days ago • 0 comments

I publish two blog posts today! 📝🐫 First dives into how we're improving the way BloodHound models attack paths through AD trusts: specterops.io/blog/2025/06... Second covers an attack technique I came across while exploring AD trust abuse: specterops.io/blog/2025/06... Hope you enjoy the read 🥳

submitted 5 days ago • 0 comments

This repo is excellent for building a deception system. Attacker never expects some other driver signed by some other entity Craaaazy shit github.com/HyperSine/Wi...

submitted 3 days ago • 0 comments

There is attacking AI And Using AI to attack Different things. One is exceedingly more profitable Sure you can escape prompts in Claude. Cute. But fuzzing crypto libraries? For an interesting variety of NSA cng.sys flaw, have it write you some additional “tests” 1/2

submitted 3 days ago • 1 comment

The best part of the Colorado Rockies this season, is watching the visitors. Excited to see the Dodgers in Denver today lol

submitted 3 days ago • 0 comments

loldrivers++

submitted 3 days ago • 0 comments

This paper by @dreadnode.bsky.social Was awesome dreadnode.io/blog/ai-red-... [my opinion { Watch this space close automation of attacks is a Defender win. May drive cost down to do red team/ test. Allow humans to test further, deeper. Think like BloodHound , attack / def same map

submitted 3 days ago • 0 comments

Really loving ollama ollama.com Fast and easy way to use models, connect them: I’ve got some super fun stuff I’ll share more soon. But it’s ProjFS with a model backing for not only dynamic file names , but content This is the future for Canarytokens 😎

submitted 4 days ago • 0 comments

Loved this write up h0mbre.github.io/atillk64_exp...

submitted 4 days ago • 0 comments

Such a good read nasbench.medium.com/what-is-the-...

submitted 4 days ago • 0 comments

Meet HackRF Pro! HackRF Pro is a Software Defined Radio peripheral capable of transmission or reception of radio signals from 100 kHz to 6 GHz. You can read more about HackRF Pro and preorder it now from select resellers here: greatscottgadgets.com/hackrf/pro/

submitted 5 days ago • 3 comments

I was wondering when someone would connect AFL to AI and rain exploits lol www.securitum.com/artificial_i...

submitted 5 days ago • 0 comments

This is fascinating Check out XBOW autonomously "Breaking a Cryptographic CAPTCHA with a CBC Padding Oracle" xbow.com#breaking-a-c... Holy Smokes!

submitted 5 days ago • 0 comments

#HuntingTipOfTheDay: there are numerous open-source projects listing cyber threats. Some of these have directly ingestible indicators, which can be very helpful when threat hunting. How about: 🔵 lots-project.com + LOLBINs 🟠 hijacklibs.net + DLL write events 🟢 lolrmm.io + DNS requests

submitted 5 days ago • 0 comments

For the first time in history, the #1 hacker in the US is an AI. (1/8)

submitted 5 days ago • 1 comment

One of the Best Hackers in the Country is an AI Bot www.bloomberg.com/news/article...

submitted 5 days ago • 0 comments

Do you enjoy guzzling real-time TLS certificate allocations, but don't want to use a third-party service (crt.sh, CertStream, etc.)? Drink straight from the Certificate Transparency log firehose using ctail: $ go run github.com/hdm/ctail@latest -f -m '^autodiscover\.' github.com/hdm/ctail

submitted 9 days ago • 1 comment

The names… So great.

submitted 9 days ago • 0 comments

Still relevant Supply exceeds demand Any target anywhere anytime theonion.com/china-unable...

submitted 10 days ago • 0 comments

DHS says Chinese tech firms are "smuggling" signal jammers in the US www.dhs.gov/news/2025/06...

submitted 11 days ago • 1 comment

www.chainalysis.com/blog/nobitex...

submitted 11 days ago • 1 comment

coke-driven development is wild

submitted 14 days ago • 5 comments

medium.com/@cy1337/mall...

submitted 14 days ago • 0 comments

submitted 14 days ago • 531 comments

-suspected APT -targeted MSFT accounts -targeted natsec and economic policy reporters -breach discovered Thursday -staff notified today

submitted 14 days ago • 0 comments