New blog post: Data Driven Detection Engineering.

In which I argue for stronger software engineering skills in cybersecurity, and a focus on data engineering.https://t.co/roKBtdyXfz

— Julien Vehent (@jvehent) April 16, 2023

software is eating the world - and spitting most of it back out again looking slightly chewed, soggy and half-eaten, as it moves on to the next thing that you used to be able to rely on

— Mary Branscombe (@marypcbuk) February 2, 2018

New Blog Post:
"The LockBit ransomware (kinda) comes for macOS": https://t.co/GjGZZX22dz 🍎🔐

Includes full technical analysis of LockBit's macOS arm64 variant ("locker_Apple_M1_64") + sample for download + heuristic methods of detection 🔥

H/T @malwrhunterteam @vxunderground

— Patrick Wardle (@patrickwardle) April 16, 2023

"focus on my private life with my remaining apes" -- a new phrase to bounce around my head for the next week https://t.co/NGyKjyO7sj

— james hennessy (@jrhennessy) April 17, 2023

Here are the slides for my keynote, 'Mobile Exploitation, the past, present, and the future' at #Zer0Con2023. Zer0con was a blast as always, thank you @POC_Crew!! 🚀💫https://t.co/cqEftba9Cy

— Ahn Ki Chan (@Externalist) April 16, 2023

Now in English:
Israeli spyware maker QuaDream closes, fires all employees@omerbenj https://t.co/sACm33JpmT

— avi scharf (@avischarf) April 16, 2023

Cobalt Strike redirector technique used recently by Russian APT29/Nobellium ⚡️

This is a Red Team technique (T1090.002 External Proxy)https://t.co/31qDR29SPh
to hide C2 behind a legit website.

This could be very useful for Threat Hunters/Intel to set up a hypothesis/monitor… pic.twitter.com/Uy3MqnCOec

— Michael Koczwara (@MichalKoczwara) April 16, 2023