AI Revives Early‑2000s 0‑Day Chaos
Has AI brought back the early 2000s? People can find and exploit 0days easily. Hackers angry at Microsoft are dropping 0day. Frosted tips are cool again (ok, that one would mean the apocalypse).
God‑mode RCE Is Just Access; Execution Needs Capability
Even having a working 0day RCE god mode bug only gets you so far. You have initial access. Now what? What do you want to do and do you have the systems, processes, infrastructure and time to do it? Capability, opportunity,...
DoD Switches Allies as Anthropic Unveils Dangerous AI Weapon
DoD: Friendship ended with Anthropic. Now OpenAI is my best friend. [one month later] Anthropic: We’re pleased to announce the most powerful hacker capability ever created, able to discover and exploit thousands of critical 0days. Friends only release.
Java's Security Flaws Expose Risks for Critical Software
This just proves that Java is not a safe language to develop security critical software. This¹ would never have happened² with an analysis safe language, like Perl.
¹ bug discovery
² no understanding? No exploit.
0‑day Panic Overblown; I'm Ditching Tech for Farming
People are freaking out about an impending flood of 0days. This was the norm 20 years ago. I’m not that worried. Firstly, simply having an exploit doesn’t mean all that much in terms of operational capability. Secondly, I’m giving up...
North Korea Pressures Russian Officers over Crypto Ransomware
I assess with medium confidence this is a North Korean state actor looking for Russian officers with large crypto holdings from shaking down ransomware cyber criminals.
Metrics Miss the Bigger Picture in Conflict
“You know you never beat us on the battlefield,” I told my North Vietnamese Army (NVA) counterpart, Colonel Tu, during a meeting in Hanoi a week before the fall of Saigon. “That may be so,” he replied, “but it is...
Collaboration & Agility Drive Cyber‑resilient Innovation Ecosystems
As the digital domain presents challenges of extraordinary scale and complexity from a constantly evolving threat landscape, it is clear that empowering cyber-resilient innovation ecosystems requires a fundamental reimagining of how we synergize across modalities. The convergence of public-private partnership...
Prioritize Parachutes over Costly Drop‑plane Flights
If it were me, I would stop paying for the drop plane flights rather than the parachutes. Seems like a bit of a prioritization issue.
Use Dedicated Secure Devices for Source Protection
Jumping on board the OPSEC train: Don't rely on cute tricks to stop security forces from accessing important data. Have a better system architecture that is secure against basic coercion. If you are a journalist working with someone who is committing treason,...
Google’s Mandiant Deploy
Mandiant Google’s shiny hunters scattered lapsus okta internal sso phishing blog. Imagine trying to parse that sentence twenty years ago. Mandiant’s acquisition Google used their shiny hunters to scatter the Lapsus Okta internal sso phishing blog.
Group Chats Expose Sensitive Data Due to Trust Gaps
Allowing members of a group to see the group messages is literally the purpose of a group. The issue seems to be that sensitive data is shared with poorly established trust boundaries and insecure COMSEC. There is no technical solution...
Defender, Not Attacker, Determines Cyber Attack Impact
I wrote a short post on how the impact of cyber attacks is determined by the target, not the attacker. It’s important to remember how much control the defender has over not just the terrain but the effects of an...