What? @_JohnHammond the podcast intro guy!? wait what!? Honestly so much fun on this one, and John totally out did us by coming insanely well prepared with all the Christmas decorations...

@0xTib3rius @SwiftSecur1 @_JohnHammond Spotify: https://t.co/cFTpoQo9fZ Apple Podcasts: https://t.co/eoRW2GXLiV Amazon Music: https://t.co/JbLPfUhFrU YouTube:

Episode 26: (Christmas) War Stories with John Hammond! @0xTib3rius & @SwiftSecur1 are joined by @_JohnHammond who shares some war stories in our first Christmas episode! Links below!

"You shouldn't work in a silo" ... Meanwhile outside the silo:

https://t.co/LNLHgAwz6H hmm handy, seems to probe for common quarantine/spam locations, seen a few scripts that just don't and only look for the device type.. Still - check the config side either way to be 100%. Then proceed to set it on fire and throw it on a skip.

Wellllll now Cisco...dont you be going after Fortinets crown with a last min December entry to the 2025 cluster fuckery charts...

0-Day Alert 🚨 Cisco warns of *unpatched* actively exploited zero-day in multiple Cisco Email Security products (CVE-2025-20393) We have just launched an Cisco ESA honeypot stream for monitoring - available now for Defused TF subscribers! 🍯 👉 https://t.co/GXFaqghsXI

🛑 WARNING: CVE-2025-20393 is rated 10.0, with no patch available. Cisco confirmed active exploitation of an AsyncOS zero-day by a China-linked APT. The flaw allows root-level command execution on affected email security appliances and enables attackers to establish

go go go

🤣

🤣🤣 I'm so here for this. I too am a member of the tactile knob appreciation club.

🔥Introducing a new Red Team tool - SessionHop: https://t.co/hChhDXzhiE SessionHop utilizes the IHxHelpPaneServer COM object to hijack specified user sessions. This session hijacking technique is an alternative to remote process injection or dumping LSASS. Kudos to @tiraniddo

Just finished our small contribution to the Verizon DBIR report for next years publication, will shout when its all pulled together...its kinda interesting, we saw a bit of a drop off our end in terms of full scale breaches..although the countless developer machines we have

Serious question...I'm close to running out of space on my laptop for stickers...should I just keep layering them till they eventually get like an inch thick...or do I just ask for a new laptop.

🚨 CVE-2025-59718 (FortiCloud SSO login bypass) exploitation is under way - at least 7 different IPs exploiting our Fortinet honeypots over the weekend Example (decoded) payload: <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_bypass1337"

Cosy time.

@BSidesLondon reminds us why this community matters. If you left inspired, hold onto that spark, BSides Birmingham wants to hear your voice. Seasoned speaker or first-timer on the Rookie Track, our Call for Papers is open. Brum is ready. #BSides #BSidesBirmingham

Maze... But with wall hacks on.

Some new stickers for the collection 😂

🤣