paulbatson.bsky.social
Lazysecurity on the hellsite and infosec.exchange. Secops geek. Detection engineering, threat hunting & IR mostly. Occasionally helps out with some analysis or testing pens. Former BSidesLondon organiser.
22 posts 103 followers 457 following

Do any of my followers have any contacts at Snapchat? A close friend has been phished but realised a couple of mins later and reset her creds. The email she has received afterwards isn't clear if the attempted auth was successful or not. She is fraught with worry. Please repost for visibility.

Regex is too hard for even OpenAI o1: it thought for over three minutes and then produced regex that didn't work. Looks like regex is a good test for AGI.

I decided to put together a starter pack of oldskool hacker and/or hacker-adjacent folks you may want to follow (Or, y'know, maybe you want to block them all, what do I know? You do you, homeslice.) go.bsky.app/HQWqtno

Hope to see some of you tonight for discussions

This blog is wild. “Secret Blizzard (Turla) has used the tools and infrastructure of at least 6 other threat actors during the past 7 years.” www.microsoft.com/en-us/securi...

Sekoia has published some pretty comprehensive research on how ransomware gangs exfiltrate data from compromised environments. blog.sekoia.io/ransomware-d...

www.welivesecurity.com/en/eset-rese...

DualCore and I spoke at the Red Team Village this year. Here are the slides. QR code with link to gist with all the reference links on last page. Unfortunately it wasn't recorded. docs.google.com/presentation... #redteam #purpleteam #redteamvillage

If you'll be at BSides London this year, please do find the time to check out this talk by my student Ana; she's going to be talking about the intersection of security and disability with her talk on password accessibility.

For anyone just getting into detection engineering or hunting, I’d strongly recommend starting out by making sure you’re collecting process events (with full command lines), persistence locations (e.g. scheduled tasks, services, reg run keys, cron, etc.) and process network connections.

Just added a boatload of new detection engineers who joined Bluesky this week. Make sure to check this starter pack out

If you're interested in Linux DFIR, then check out all our talks/workshops below. #Linux #DFIR #Cybersecurity CC: @maryst33d.bsky.social linuxdfir.ashemery.com

We have just managed to free up some more tickets for #BSidesLDN2024, when they are gone, they are gone! www.eventbrite.co.uk/e/bsides-lon... Please be a team player and remember to cancel your ticket if you can no longer be there on the day! #Security #BSides #London #Tickets

Whilst helping someone out with their Gmail security, I’ve just realised they offer darkweb/leak monitoring. How did I not know about this already?

🧵1/5 For anyone wondering why they put up with the stress of a role in infosec (I know I have wondered sometimes in the past) please consider the following. We all know ransomware TAs affect companies and their bottom line. And there’s an understanding that it affects individuals too..

I made a Detection Engineering starter pack, will be adding more as more folks jump over to bluesky! go.bsky.app/HenXJUR

This is a really interesting read from a Russian IR company on some pretty stealthy nix malware. (Hat tip to @patrick.risky.biz / Risky Business for highlighting it). Some good detection opportunities in there. Russian language but Google translate does a great job. rt-solar.ru/solar-4rays/...

If the NSA[1], GrapheneOS[2], and Apple[3] all believe that rebooting your mobile phone regularly is something that protects your data, you might consider automating it. 1. https://buff.ly/3xhyTtU 2. https://buff.ly/40OLdhw 3. https://buff.ly/3UIbQB0

This starter pack thing is cool, it's like what Follow Friday wanted to be when it grew up. :)

Great post by @naehrdine.bsky.social on the inner workings of the new inactivity reboot feature in iOS 18. naehrdine.blogspot.com/2024/11/reve...