cyb3rkitties.bsky.social
they/she. spreader of virtual kitties. 🐱
 reverse engineering ⚫️ threat intelligence ⚫️ malware ⚫️ security research ⚫️ snoring cats occasionally climbing. good food always. naps are underrated.

Fellow NSA - National Security Agency veterans. Look at what’s happened at the National Cryptologic Museum. They covered up with brown paper the photos of Women in American Cryptology. All in response to President Trump’s anti-diversity executive order.

me: “so you want to transition from IT to security. what do you wanna do in security?”
person on the internet: “defense analyst…security analyst”
me: “a security analyst can include soc, grc, ir, vulnerability assessment/management, etc. so, what do you wanna do in security?”

okay, serious question: why don’t enterprises mandate default adblockers for all users? would it not avoid headaches and a good chunk of credstealing/malware download opportunities?!

A Russia/Iran-backed coup of senior Assad regime officers seems to be underway in Damascus. If they’re successful, and they can prevent a conflict with the opposition forces, it will allow them a say in any negotiated settlement.

After annulling the first round of the presidential election, Romanian authorities have now raided a local man paying influencers to support the pro-Kremlin candidate--which is against the law in Romania. www.agerpres.ro/justitie/202...

international affairs genie: “hey, it’s almost the end of the year, how bout we all chill out and take a breather?”
south korea: “lmao too late”
france: “hold my beer”

well, this was interesting to say the least. a spectacularly failed “self coup”. www.aljazeera.com/news/2024/12...

For anyone interested in detection and prevention methods against Salt Typhoon intrusions targeting communication providers, here is a comprehensive guide: media.defense.gov/2024/Dec/03/...

It is the biggest con in cyber security, hands down. There is *no data* that it changes cyber security *outcomes.* I theorize that most people intuitively know this, but because "improving click rate" is easy to track (and game), many performatively champion it as a "good metric" for security.

ah, the joys of building hash tables that refuse to populate.

more fun malware to add to the reversing list

#SaltTyphoon

show opinions needed! last week i finally watched “dune: part two”, liked it, and now wondering about dune: prophecy. anyone watched it? is it a yay, nay, or meh?

Nearest Neighbor? Espionage. www.wired.com/story/russia...
Salt Typhoon? Espionage. wapo.st/3CHK3dQ
GRU’s use of Moobot? Espionage. www.justice.gov/opa/pr/justi...
MSS hack of MSFT? Espionage. www.cisa.gov/sites/defaul...
SolarWinds? Espionage. www.lawfaremedia.org/article/sanc...

hello, hi, happy #caturday! can we please bring back the chicken wings cat dance trend? pretty please? youtube.com/shorts/ETIs_...

Awesome research! - The Nearest Neighbor Attack: How A Russian #APT Weaponized Nearby Wi-Fi Networks for Covert Access - @volexity.com - www.volexity.com/blog/2024/11... #cyberespionage

Check out our introductory post on Reverse Engineering a NES / Famicom game with Ghidra using the excellent NES decompiler plugin.

what!! this is neat. didn’t know they had a weekly newsletter on vulnerability research 🤩 blog.exploits.club/exploits-clu...

2024-11-22 (Friday) #XLoader / #Formbook: I've been fired by my non-existent HR department. At least I got a "salary-receipt.exe" bazaar.abuse.ch/sample/003b5... Tria.ge and Any.Run don't identify the malware, but Joe Sandbox does: www.joesandbox.com/analysis/156... Also runs in my lab just fine

This is wild. Time to mandate 2fa for WiFi. www.volexity.com/blog/2024/11...

anyone else with @cyberwarcon.bsky.social FOMO? have fun y’all 🥹 hope to join you next year 💕

We're hiring a Principal Intel Analyst in the UK. The work is onsite 3 days/week and requires a UK DV clearance. If you fit that description, it's some really cool work. www.google.com/about/career...

and speaking of advent calendars! this sounds like a lot of fun—advent of radare2 🤩 www.radare.org/advent/

truth is that the average cyber attack these days is anything but “sophisticated”. creds are literally found everywhere in various breaches and users have the bad habit to reuse them. then, it’s about some AD discovery and LOLbin type tool for lateral movement + privesc, and we all know how it ends.

Been a while since we've seen #macOS #malware abusing osacompile rather than plain osascript, but #Amos Atomic Stealer is nothing if not adaptable. SHA1: 51ef05c84eea3dde149a5dd3ea9916a824e95afc. A reminder that it's possible (didn't say easy 😅) to reverse compiled #applescript. s1.ai/fadedead

Quite an evening listening to @mikko.bsky.social open the Museum of Malware Art in Helsinki! Brilliant collection including the 2000 Iloveyou virus commemorated as a hanging collection

Det. Eng. Weekly Issue 93 is live! https://buff.ly/3UWj3xG
* 💎 by Andrew VanVleet on resiliency in your detection stack
* @anton1chuvakin.bsky.social on alert fatigue and reframing alert labeling to more than just false positives and true positives
(more in thread..)

The alleged Phobos ransomware operator has been extradited from South Korea to the US and faces up to 20 years in prison. Read: hackread.com/russian-hack... #CyberSecurity #CyberCrime #Phobos #Ransomware

i’m not religious but i’ve always loved the idea of advent calendars. i’m thinking about building one for malware people. like, each day is a surprise new cool malware sample, a useful script, a writeup on a technique. 🤔

oh hai everyone, it’s been a minute since i’ve logged in here. where are all my malware/security research nerdsss?! 🤓💕

These past few weeks, I did a thing to try and organize my malware reverse engineering work: a framework that leverages MITRE ATT&CK tactics to guide an analyst through the workflow by looking at keywords and API/function patterns. I hope folks find it useful! cyb3rkitties.github.io/posts/malwar...

i have “look for the same people you follow on mastodon” fatigue.