Spanky
@spankowitz.bsky.social
📤 80
📥 427
📝 24
I like threat intel, purple team, and turtles.
reposted by
Spanky
Ron Deibert
about 13 hours ago
NEW @citizenlab.ca report: Cellebrite Used on Kenyan Activist and Politician Boniface Mwangi citizenlab.ca/research/cel...
Not Safe for Politics: Cellebrite Used on Kenyan Activist and Politician Boniface Mwangi - The Citizen Lab
Following the widely-condemned arrest in July 2025 of prominent Kenyan opposition voice Boniface Mwangi, the Citizen Lab analyzed artefacts from devices seized during the arrest. We found that Cellebr...
https://citizenlab.ca/research/cellebrite-used-on-kenyan-activist-and-politician-boniface-mwangi/
1
20
19
Making my GREM index like...
3 days ago
0
1
0
These dudes are awesome! Highly recommend their training if you get the opportunity.
add a skeleton here at some point
4 days ago
1
1
0
reposted by
Spanky
Barry Dorrans
4 days ago
Early career pen tester wanted to break some of Azure's specialist clouds.
#infosecJobs
Penetration Tester | Microsoft Careers
Penetration Testing Identify security vulnerabilities and variants across critical cloud services. Perform source code reviews, dynamic analysis, and operational security assessments. Validate softwar...
https://apply.careers.microsoft.com/careers/job/1970393556748197
0
7
4
reposted by
Spanky
Teri Radichel
4 days ago
Non-Deterministic: The most important word you need to understand about AI 🤖
teriradichel.substack.com/p/non-determ...
Non-Deterministic
The most important word you need to understand about AI
https://teriradichel.substack.com/p/non-deterministic
0
2
1
reposted by
Spanky
Ryan Naraine
7 days ago
This week's show is up on YouTube (presented by Thinkst Canary @thinkstcanary.canary.tools) WATCH www.youtube.com/watch?v=fvKM...
From Epstein to Notepad++: Redactions, Zero-Days and Supply Chain Attacks
YouTube video by Three Buddy Problem
https://www.youtube.com/watch?v=fvKMQjdl9qo
1
6
7
reposted by
Spanky
Teri Radichel
18 days ago
If Pentesting, AppSec, Bug Bounties or Security Engineering is your focus the Security Bugs section of my blog may be for you. Here I explore a serialization CVE in SolarWinds and prevention methods Programming Languages and Serialization CVEs
teriradichel.substack.com/p/programmin...
Programming Languages and Serialization CVEs
Taking a look at a recent critical Solar Winds CVE
https://teriradichel.substack.com/p/programming-languages-and-serialization
0
4
1
reposted by
Spanky
Ryan Naraine
18 days ago
🔥 #ThreeBuddyProblem Ep83 has been pushed to your earholes. Poland CERT on Russian wipers, Sandworm or not Sandworm, new FortIvanti nightmares + some KasperSekrets chit-chat @craiu.bsky.social @jags.bsky.social securityconversations.com/episode/a-de...
A destructive cyberattack in Poland raises NATO 'red-line' questions - Security Conversations
(Presented by Material Security: We protect your company’s most valuable materials — the emails, files, and accounts that live in your Google Workspace and Microsoft […]
https://securityconversations.com/episode/a-destructive-cyberattack-in-poland-raises-nato-red-line-questions/
1
7
5
reposted by
Spanky
Effin' Birds
about 1 month ago
15
2181
672
reposted by
Spanky
The New Yorker
about 1 month ago
Today’s Daily Cartoon, by Teresa Burns Parkhurst.
#NewYorkerCartoons
2
281
67
reposted by
Spanky
NPR
about 1 month ago
NPR built a visual archive of the Jan. 6, 2021, attack on the Capitol, showing exactly what happened through the lenses of the people who were there. In "Chapter 2: Stop the Steal," we look at how false claims of a stolen election mobilized Trump supporters.
Jan. 6, 2021: A visual archive of the Capitol attack
NPR’s Jan. 6 archive brings together reporting, video, documents and testimony to show what really happened during the Capitol riot. Explore the timeline, cases and evidence behind the attack.
https://n.pr/4sxp4jy
20
1153
630
reposted by
Spanky
NPR
about 2 months ago
The 2025 selection follows its predecessors, "brain rot" from 2024, "rizz" from 2023 and "goblin mode" from 2022.
Don't get angry, but the 2025 Oxford Word of the Year is 'rage bait'
The 2025 selection follows its predecessors, "brain rot" from 2024, "rizz" from 2023 and "goblin mode" from 2022.
https://n.pr/49a6eFZ
9
189
43
reposted by
Spanky
Ryan Naraine
about 2 months ago
A fresh problem has been pushed to your podcast platforms!
@craiu.bsky.social
@jags.bsky.social
- Spotify
open.spotify.com/episode/68US...
- Apple
podcasts.apple.com/us/podcast/w...
Presented by our friends at ThreatLocker 😍
What's behind US gov push to 'privatize' cyber operations?
https://open.spotify.com/episode/68USKCh4UahGvufJTRSQZ5
0
4
3
reposted by
Spanky
SentinelOne
2 months ago
AI isn’t reinventing ransomware — it’s industrializing it. That’s the core finding from new @sentinellabs.bsky.social research on how threat actors are actually using LLMs today. s1.ai/llm-rw
LLMs & Ransomware | An Operational Accelerator, Not a Revolution
LLMs make competent ransomware crews faster and novices more dangerous. The risk is not superintelligent malware, but rather industrialized extortion.
https://s1.ai/llm-rw
1
1
1
reposted by
Spanky
Eric Geller
2 months ago
Outgoing 15-year head of GAO says he's worried the government is "taking our foot off the gas at CISA" and would "live to regret it." He also said CISA's one-third workforce cut was "obviously untenable" and "they may not be postured" to support the midterm elections.
fedscoop.com/cisa-workfor...
Outgoing GAO chief warns of ‘taking our foot off the gas’ at CISA
Gene Dodaro, who is set to retire from the watchdog at the end of this month, shared final concerns with senators Tuesday about how the government is prioritizing cybersecurity.
https://fedscoop.com/cisa-workforce-threats-gao-cybersecurity-gene-dodaro/
0
20
5
reposted by
Spanky
SpecterOps
2 months ago
The BloodHound Query Library, launched by @martinsohn.dk & @joeydreijer.bsky.social, democratizes tradecraft with a shared, searchable ecosystem. With 180+ Cypher queries & counting, the library is an increasingly valuable tool for the BloodHound community! Browse ➡️ ghst.ly/bql_eoybsky
0
2
3
reposted by
Spanky
The New Yorker
2 months ago
Today’s Daily Cartoon, by Brendan Loper.
#NewYorkerCartoons
2
78
14
reposted by
Spanky
SpecterOps
3 months ago
AI tooling and MCP servers are entering enterprises fast, often faster than security teams can assess the risks. During a recent engagement, @xpnsec.com found a new Claude Code vuln (CVE-2025-64755) while exploring MCP abuse paths. 👀 Read the details: ghst.ly/49ybl4W
An Evening with Claude (Code) - SpecterOps
This blog post explores a bug, (CVE-2025-64755), I found while trying to find a command execution primitive within Claude Code to demonstrate the risks of web-hosted MCP to a client.
https://ghst.ly/49ybl4W
0
10
4
reposted by
Spanky
Phillip Wylie
3 months ago
White Knight Labs: Part 2
White Knight Labs: Part 2 - Phillip Wylie
About the Guests: Greg Hatcher and John Stigerwalt are co-founders of White Knight Labs, a boutique cybersecurity company specializing in offensive security services and advanced training programs. Greg’s background includes a remarkable career as a Green Beret in the U.S. Army, transitioning into cybersecurity with a focus on penetration testing and red teaming. John’s journey…
https://thehackermaker.com/white-knight-labs-part-2/
0
1
1
reposted by
Spanky
Effin' Birds
3 months ago
1
561
84
reposted by
Spanky
The New Republic
3 months ago
A U.S. District Judge has ruled that interim U.S. Attorney Lindsey Halligan (who had no prosecutorial experience before this role) was improperly appointed by the Trump administration, agreeing with Comey’s defense team. The ruling means that both federal indictments are dismissed.
trib.al/WZbNPi9
3
101
25
@cyberwarcon.bsky.social
how do you get so much talent packed into one day? This is my favorite conference. Every talk is a banger.
3 months ago
0
9
1
reposted by
Spanky
60 Minutes
3 months ago
When Matt Thomas dropped out of law school, he devoted himself to a sport he initially thought was a joke: chess boxing.
cbsn.ws/3LB3nOz
Chess boxers fight to win by hook or by rook
Chess boxing got its start in a graphic novel. Now actual competitors fight for knockouts and checkmates. Russia has dominated for years, but the sport's popularity is growing in the U.S.
https://cbsn.ws/3LB3nOz
1
11
4
reposted by
Spanky
Olivia Messer
3 months ago
79-year-old Paul Bojerski was born to Polish parents in a WWII German refugee camp. His family legally emigrated to the U.S. when he was 5. He’s been taken by ICE in Florida.
www.orlandosentinel.com/2025/11/16/s...
Sanford grandfather, born in refugee camp, nabbed by ICE after 70 years in U.S.
Paul Bojerski never gained official residency, but he checked in regularly with ICE for years. Then in July, at age 79, he was detained and sent to Alligator Alcatraz.
https://www.orlandosentinel.com/2025/11/16/sanford-grandfather-born-in-refugee-camp-nabbed-by-ice-after-70-years-in-u-s/
170
4528
3125
reposted by
Spanky
Black Hills Information Security
3 months ago
This Thursday @strandjs.bsky.social join us to talk about China! A cross between history and technology John breaks down exactly what he will be discussing in his webcast here! Interested? Come join us and register here: events.zoom.us/ev/AhsoFeh2O...
0
1
1
reposted by
Spanky
Zack Whittaker
3 months ago
Politico is reporting that the breach at the Congressional Budget Office is "ongoing." “Do NOT click on any links in emails from CBO. Do NOT share sensitive information with CBO colleagues over email, Microsoft Teams, or Zoom at this time,” the email to CBO staff reads.
Cybersecurity breach at Congressional Budget Office remains a live threat
Library of Congress employees were informed to take caution when emailing the office of the congressional scorekeeper.
https://www.politico.com/live-updates/2025/11/10/congress/cbo-still-under-threat-00644930
13
310
228
reposted by
Spanky
Mark Simos
3 months ago
I found myself using this career advice slide a lot lately and thought I would share it more broadly.
0
2
2
reposted by
Spanky
GreyNoise
3 months ago
We deployed MCP honeypots to understand how threat actors engage with AI middleware exposed to the internet. What we observed was unexpected. Full analysis ⬇️
#GreyNoise
#AI
#AISecurity
#MCP
#MCPSecurity
#Cybersecurity
#ThreatIntel
What GreyNoise Learned from Deploying MCP Honeypots
GreyNoise deployed MCP honeypots to see what happens when AI middleware meets the open internet — revealing how attackers interact with this new layer of AI infrastructure.
https://www.greynoise.io/blog/deploying-mcp-honeypots
0
15
9
reposted by
Spanky
The New Yorker
4 months ago
The rushed and uneven rollout of A.I. has made it tempting to conclude that it’s all hype. But its advancement may have profound implications for the field of neuroscience.
The Case That A.I. Is Thinking
ChatGPT does not have an inner life. Yet it seems to know what it’s talking about.
https://www.newyorker.com/magazine/2025/11/10/the-case-that-ai-is-thinking?utm_medium=social&utm_social-type=owned&utm_source=bluesky&mbid=social_bluesky&utm_brand=tny
45
71
32
reposted by
Spanky
Reyhan Harmanci
4 months ago
🎇New package alert @wired.com! This one has been in the works for months. If WIRED was going to tackle AI -- something we cover daily -- we had to go big. So here are 17 different stories about the way AI is changing us, even as the technology itself keeps moving www.wired.com/ai-issue/
AI of a Thousand Faces
What happens now that AI is everywhere and in everything? WIRED can’t tell the future, but we can try to make sense of it. Behold: 17 readings from the furthest reaches of the AI age.
https://www.wired.com/ai-issue/
5
187
84
reposted by
Spanky
Teri Radichel
4 months ago
Summary of the Amazon DynamoDB Service Disruption in Northern Virginia (US-EAST-1) Region I bet someone wishes they had checked for an empty value in this code right about now: The root cause of this issue was …
1
1
1
reposted by
Spanky
Joseph Cox
4 months ago
"Hold onto your butts, because one day you might be breathing through them."
www.404media.co/breathing-th...
Breathing Through Our Butts Declared Safe After First Human Trial
The first application of enteral ventilation—aka breathing through the bum—to humans proved the technique is safe.
https://www.404media.co/breathing-through-our-butts-declared-safe-after-first-human-trial/
5
32
13
reposted by
Spanky
John Hultquist
4 months ago
An opinion piece I wrote for Cipher Brief on the next wave of AI threats. The speed and scale of this activity will change the nature of cybersecurity. In order to compete with adversary use of this technology we must adopt it wholeheartedly into defense.
www.thecipherbrief.com/ai-cyberatta...
AI-Powered Adversaries Require AI-Driven Defenses
OPINION — The use of artificial intelligence by adversaries has been the subject of exhaustive speculation. No one doubts that the technology will be abused by criminals and state actors, but it can b...
https://www.thecipherbrief.com/ai-cyberattack-cybersecurity
0
11
7
reposted by
Spanky
garthoid
4 months ago
www.theregister.com/2025/10/20/a...
Today is when Amazon brain drain finally caught up with AWS
column: When your best engineers log off for good, don’t be surprised when the cloud forgets how DNS works
https://www.theregister.com/2025/10/20/aws_outage_amazon_brain_drain_corey_quinn/
0
5
3
reposted by
Spanky
SentinelOne
4 months ago
AI as an Amplifier for Human Tradecraft: how scale can meet sharper intelligence. What’s New: In their #LABScon 2025 talk, @dreadnode.bsky.social's Brad Palm and @machinavelli.com show how agentic AI can explore every analytical pathway — at speed and scale.
1
2
2
reposted by
Spanky
Anil Kalhan
5 months ago
"[A]gents engulfed my car in tear gas, smashed my driver-side window, and pepper-sprayed my face.... I spent three nights and three days in federal custody. No explanation. No charges. No apology. One day, I was just told, 'you’re free to go.'"
#KavanaughStop
I’m a US citizen and a veteran. ICE arrested me for no reason.
Jailed for three days without an explanation or ability to notify anyone, George Retes argues the only path to healing starts with the government taking accountability for its actions.
https://newsletter.ofthebrave.org/p/im-a-us-citizen-and-a-veteran-ice?utm_medium=web
68
2291
1216
reposted by
Spanky
Renee DiResta
5 months ago
My whole Threads feed is Takes (tedious, tedious takes) on That Album that I will never listen to by an artist I’ve never expressed any interest in. It’s wild to see how quickly that algorithm changes a feed to be about one thing only.
11
105
5
reposted by
Spanky
The Citizen Lab
5 months ago
NEW REPORT: We uncovered a coordinated network of fake X profiles that is spreading AI-generated content to induce revolt in #Iran. We call this network “PRISONBREAK”. Read the report 👉 citizenlab.ca/2025/10/ai-e...
We Say You Want a Revolution: PRISONBREAK - An AI-Enabled Influence Operation Aimed at Overthrowing the Iranian Regime - The Citizen Lab
We investigate a coordinated network of inauthentic X accounts that is spreading AI-generated content to induce revolt in Iran. The network has been active since 2023, but increased activity during th...
https://citizenlab.ca/2025/10/ai-enabled-io-aimed-at-overthrowing-iranian-regime
2
34
15
reposted by
Spanky
Ryan Naraine
5 months ago
We're streaming live to YouTube in ~20 mins. Come hang out with us
www.youtube.com/watch?v=zjdh...
Three Buddy Problem (Episode 66)
YouTube video by Three Buddy Problem
https://www.youtube.com/watch?v=zjdhfWFt2LE
0
5
5
reposted by
Spanky
The Banshee Queen 👑
5 months ago
First public report at Recorded Future by yours truly is out! RedNovember (formerly TAG-100, a.k.a. Storm-2077) is a Chinese state-sponsored threat group focused on intelligence collection, especially on flashpoint issues of strategic interest to China.
www.recordedfuture.com/research/red...
RedNovember Targets Government, Defense, and Technology Organizations
RedNovember, a likely Chinese state-sponsored cyber-espionage group, has targeted global government, defense, and tech sectors using advanced tools like Pantegana and Cobalt Strike. Discover the lates...
https://www.recordedfuture.com/research/rednovember-targets-government-defense-and-technology-organizations
2
22
14
reposted by
Spanky
Black Hills Information Security
5 months ago
Burp Suite is powerful, no doubt. But let’s be real — it’s also a beast to tame. That’s why you need a cheat sheet just as stacked. More:
portswigger.net/burp
www.youtube.com/watch?v=Gb7O...
www.youtube.com/watch?v=lyJi...
www.youtube.com/watch?v=xKud...
.
www.youtube.com/playlist?lis...
0
5
2
reposted by
Spanky
Tom Nichols
5 months ago
The Atlantic Announces Free Digital Subscriptions for All U.S. Public High Schools
www.theatlantic.com/press-releas...
The Atlantic Announces Free Digital Subscriptions for All U.S. Public High Schools
https://www.theatlantic.com/press-releases/archive/2025/09/atlantic-gives-free-digital-access-high-schools/684221/?gift=otEsSHbRYKNfFYMngVFweMbCl6OUb_h7fYJdXxVTgZk&utm_source=copy-link&utm_medium=social&utm_campaign=share
110
2920
660
reposted by
Spanky
NPR
5 months ago
Four prosecutors who worked on Capitol riot cases have found a way to continue public service after leaving the Justice Department. They're all colleagues again.
These fired DOJ lawyers are finding new ways to make a difference
Four prosecutors who worked on Capitol riot cases have found a way to continue public service after leaving the Justice Department. They're all colleagues again.
https://n.pr/4pmTeV0
17
908
176
reposted by
Spanky
SentinelOne
6 months ago
Your cyber threat intel is part of the North Korean strategy: DPRK operators are abusing CTI platforms to see if they’ve been seen—and moving faster because of it. 👀
1
7
8
reposted by
Spanky
Phillip Wylie
6 months ago
Cheryl Biswas: From Political Science Major to Cyber Threat Intelligence
Cheryl Biswas: From Political Science Major to Cyber Threat Intelligence - Phillip Wylie
About The Guest: Cheryl Biswas is a cybersecurity professional with a background in political science. She currently works in cyber threat intelligence, protecting a big bank against cybercrime and state-sponsored adversaries. Cheryl is passionate about the intersection of politics, economics, and technology in the cybersecurity field. Summary: Cheryl Biswas, a cybersecurity professional with a background in political…
https://thehackermaker.com/cheryl-biswas-from-political-science-major-to-cyber-threat-intelligence/
0
1
1
reposted by
Spanky
CYBERWARCON
6 months ago
CYBERWARCON is coming!!! Registration and CFP are now open for this year's #CYBERWARCON! This year's keynote speaker will be @dmitri.silverado.org!! We are back in Arlington, VA this year on November 19th. www.cyberwarcon.com
CYBERWARCON
https://www.cyberwarcon.com
1
29
31
reposted by
Spanky
Alex de Campi
6 months ago
There are tons of graphic novels, academic papers, film and TV scripts, & prose novels/nonfiction on the LibGen list Anthropic used. As settlement approaches, make it easy for the class action lawyers to contact you! Here’s how Part 1: is your work in Libgen?
www.theatlantic.com/technology/a...
Search LibGen, the Pirated-Books Database That Meta Used to Train AI
Millions of books and scientific papers are captured in the collection’s current iteration.
https://www.theatlantic.com/technology/archive/2025/03/search-libgen-data-set/682094/
51
1015
975
reposted by
Spanky
andy jabbour
6 months ago
'more than 500 credible reports of human rights abuses...the investigation—led by US senator @ossoff.bsky.social @ossoff.senate.gov...unearthed 41 cases of physical and sexual abuse; 14 involving pregnant detainees & 18 involving children'- @dell.bsky.social @wired.com www.wired.com/story/senate...
Senate Probe Uncovers Allegations of Widespread Abuse in ICE Custody
Led by US senator Jon Ossoff, the investigation cites hundreds of reports since January, including accounts of miscarriages, child neglect, and sexual abuse at ICE detention centers in dozens of state...
https://www.wired.com/story/senate-probe-uncovers-widespread-abuse-in-ice-custody/?utm_source=nl&utm_brand=wired&utm_mailing=WIR_Daily_082025_UNPAID&utm_campaign=aud-dev&utm_medium=email&utm_content=WIR_Daily_082025_UNPAID&bxid=678d05ac3d0abc261010577d&cndid=85925085&hasha=d3516dcea8d102c3614c323741fa86e7&hashc=6433e3c77ff1d484c89f652e821941d23428745044de436c135c8601390f3343&esrc=JOURNEY_PAYWALL&utm_term=WIR_DAILY_UNPAID
1
1
3