Any cybersecurity folks wanna meet virtually once a month to chat and encourage each other?

testing unaware pentesters w deceptive tech see how non-cyber ppl have low regard for cyber firms- think they know how to effectively eval pentest firms using some deceptive cyber tech ie bypassing proven methodologies

Management: “How do we make it so we can tell public nothing happened” Media: “Company spokesperson said nothing happened” Customer: “Looks like nothing happened”

why must every single biz & org be required to pay $ for every single user to learn very basic info-security awareness (ie cyber common sense) #CyberSecurity

Bug hunting on random sites without written permission or a publicly posted VDP/BBP is a crime.

Registry Analysis for Beginners Part 1 covers SAM, SYSTEM, SOFTWARE hives, NTUSER.DAT, Amcache + transaction logs that reveal changes even after deletion. Extract with Autopsy/KAPE/FTK, compare with RegBack backups to catch anti-forensics: https://t.co/gGyYyVPk5B @three_cube

airpod ecosystem lock-in bypass

ease the $$ burden to US businesses- shift left basic cyber awareness training to edu saves billions $

How to Use Fedora Toolbx for Isolated Development Environments

major opportunity in cyber rn to look into vendor (over-)consolidation- aggregating physical control of data/systems and security services/tools to same provider that makes the client os, cloud services, biz prod suite, server os, etc etc defies security fundamentals

boring, but major opportunity in biz-org cyber for US at least most biz have no idea of hidden attack surface exposed- identifying beyond what asm tools can see, attribute

What’s Your Biggest Challenge in Third-Party Risk Management? #CyRAACS #PollOftheDay

opportunities in biz/org cyber to id pros in roles that either need to improve their fundamentals, ethos, common sense (or to replace if they’re unwilling) many requirements bypassed for many to promote, transfer, hire into a cyber role- it’s how US biz cyber falsely solved the

Let me blow your mind real quick: When you use Remote Desktop (RDP), Windows secretly takes screenshots of what you are doing. It’s called the RDP Bitmap Cache. To make the connection faster, Windows saves small tiles (images) of the remote screen to your hard drive in a bin

Someone found an RCE on my website yesterday. CVE-2025-55182. React2Shell. I don't have a bug bounty program. I never asked for a security assessment. I woke up to a DM: "Hey I found a critical vulnerability in your site. I only ran the exploit to verify it worked. Here's my

rCTI (@Reddit cyber threat intel)

#ITM - Step right up and tune in to the Power at the Top of the Hour! It's the Media Deconstruction That You Need to Function for a reason! No corporate overlords, the show is producer-supported! 🚨Tune in NOW!🚨

What is your strategy to overcome such a deletion event? Forced backup of PCs? Voluntary backup with online storage? Leave it to the employee?

observed % of initial access “appliances” w/ edge-exposed port where running as virtual machine on same virtual infra as remaining VMs/targets (?)

No reboot is mainly “no patches needed”. No patches means no security questions (omitted regression tests).