Uh juicy, Lockbit has a new variant 😱😱😱 I cannot WAIT to dig into this www.trendmicro.com/en_us/resear...

Does anyone have BRICKSTORM hashes they can share, other than the two in the Mandiant blog? Or low and behold, samples? 🥹🥹🥹

Boom, the future is here. BRICKSTORM comes with Java servlets, a SOCKS proxy, Go malware, PowerShell scripts, JSP webshells, info stealers, and probs stuff I've missed. Forget Linux or Windows malware, the age of whatever-runs, wherever-it-runs malware has arrived! cloud.google.com/blog/topics/...

Lol ok the callgraph now makes pewpew when I click on a node, and Claude calls it a satisfying "pew" 😂

I vibecoded me a project today that I had on the backburner for a while, callgraph extraction with IDAPython and D3 force-directed graph vis. Did it work out of the box? No Claude made some hilarious mistakes. Was it faster than just me? For sure. Is it useful? Not yet. Fun? Yup.

Candid question. Does burnout ever really go away?

Jetlag make ADD go boom. That also means, proper sleep make executive function go boom! Follow me for more armchair health advice.

@blackhoodie.bsky.social at @sec-t.bsky.social was a blast, a full room of curious students. What a wonderful experience, and now on to the conference!

Huge thanks to the @hexacon.bsky.social team for bringing BlackHoodie to Paris! A free 4-day security workshop for women by women, Oct 6-9. So grateful for our amazing trainers sharing their knowledge: Sonia (Linux Forensics) Paula (Web/Mobile Sec) & Jiska (iOS Hacking)! blackhoodie.re/Hexacon2025/

Here we go again 🙄 we have written an open letter detailing how incredibly misguided is the ChatControl proposal: csa-scientist-open-letter.org/Sep2025

I'm omw to Stockholm for @blackhoodie.bsky.social at @sec-t.bsky.social conference 🥳🥰😱

OH: if vaccines caused autism, we’d have way more trains in the United States

And how is your burnout coming along? Acquired that goat farm yet?

I'm once again looking at the epic 20-part essay which Ian Lance Taylor wrote about linkers lwn.net/Articles/276... - did anyone ever write anything remotely comparable about the MSVC linker? Like, very remotely even?

I've asked this before but seriously, what IS it these days with ransomware shipping with help menus and writing log files..?

Serious Windows XP background image vibes here in New Hampshire

And we did it! We ran 200 miles from Mt Hood to Seaside during a heatwave. That's after Blackhat, Defcon, and a week of moving houses. And, good morning Boston! Im omw to Dartmouth college 🤓🤓🤓

Phrack turns 40. The digital drop is live. Download it. Archive it. Pass it on. 💾 www.phrack.org #phrackat40 #phrack72

I got mugshots done so I can finally look my age in biopics. Hi, I've been a reverse engineer for a long time, and these days I take ransomware apart for blood sports.

I'm captain of a Hood to Coast team again, and 12 of us are running 200 miles this weekend or 11 cause one guy had to drop today. Ask me where my cortisol is at but luckily the team figured it out and we're still on and the leadership qualities of those folk blow my mind 🗻🏃‍♂️🏃‍♀️

@bsidespdx.bsky.social is happening on Oct 24 & 25 in, you guessed it, Portland! The call for paper is open for another few weeks, send us your best stuff!! bsidespdx.org

At long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org

I reverse engineered Lockbit's Linux ESXi variant, also explaining how I did some of the steps! For the fun of it, cause reverse engineering is lots of fun. Enjoy! hackandcheese.com/posts/blog1_...

@blackhoodie.bsky.social will be at @sec-t.bsky.social on September 10th with a training on Linux Malware Reverse Engineering, for women by women! We have very few seats left 😁 blackhoodie.re/SecT2025/

Come hang out with Jos Wetzels and myself at 11.20am at Lagoon G level 2 to chat about reverse engineering and meet fellow REs!

DEFCON has banned Eric Michaud. You need to be an exceptionally toxic sleazebag to get banned from DEFCON. There are literally only 4 other names on the list: John Draper, Jake Appelbaum, Morgan Marquis-Boire, and Chris Hadnagy. defcon.org/html/links/d...

Going to BlackHat next week and passionate about reverse engineering? Or, wanting to be? Come hang out with Jos Wetzels and I on the 7th at 11.20am to chat about projects, books and tools you really enjoy, let us know if you're hiring or looking for a job in reverse engineering!

@blackhoodie.bsky.social will be back at @hexacon.bsky.social this year, and we're currently looking for former BlackHoodies who would be willing to give a training, between Oct 6 and 9! blackhoodie.re/Hexacon2025/

Sunset over Mt Hood national forest this last weekend!

Odd, but what an error screen!

Just chatted with a friend who works at a big corp, who got called a dog in a 1:1 with their manager today. I dont know what this industry is anymore. What should they do in such situation if afraid of retaliation?

man pthread_create is a perfectly well formed search engine query

And what do we do when we're upset with the world? That's right, we buy more books.

What is it with ransomware these days shipping with help menus?

Recon conference was a blast, and I had the opportunity to deliver my first training at an industry conference! The class went well, students were very engaged and I got good feedback. Will I do this again? Hot maybe, I had a lot of fun 😁

Noooooooooooooooo Microsoft 😭 80.lv/articles/mic...

No. No, they won’t. This attributes agency and choice to LLMs, which they conspicuously don’t have. They will put together text that responds to context, and since lots of human text in certain contexts resorts to deception and blackmail, their text will also do so.

One of my burnout recovery activities is paint night with friends every week. Here's last Monday's friendly monster. I've come to obsess over painting silly things.

Like I've said before, if you have any doubts about climate change, just go to a super-boring insurance conference and listen to the super-boring panels where they dryly talk about the growing threat of disasters so catastrophic and unpredictable in scope they simply cannot be insured at any price.

excited bc today @huntress.com is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!! 🤠 we've observed 8 new pieces of macOS malware from implants to infostealers! and they're actually good (for once)! www.huntress.com/blog/inside-...

Hey Andy, you should build that AI workforce _before_ you alienate the rest of your real worksforce. www.aboutamazon.com/news/company...

Oh, I'd say the marketing people in Mozilla are salivating over the puns about (fire)fox vs Google :)

Funny, now that I know how Linux process injection works, I can't find any Linux malware that actually does it. Do we have that MITRE tactic for just-in-case scenarios?

What happens when errors and hallucinations become facts, facts that may be impossible to dispute or lurk in the background unseen and uncorrected? Especially when new, more capable AI systems learn from these new "facts." perilous.tech/2025/06/05/a...

Terrific summary of Linux process injection techniques www.akamai.com/blog/securit...

Roberta Gibb and Kathrine Switzer had more courage than I'll ever possess, but I'll always want to run another marathon because they weren't allowed to 🏃‍♀️

I have gotten this impression that offensive security is hiring on all ends, while defense is seeing budget cuts and layoffs. The future is bright.

My heart goes out to the recruiter in my inbox thinking Im interested in a project management gig to bring my career forward 🙄

Came back from a long trip yesterday all gung-ho with motivation to hack stuff, and today I'm jetlagged af and lost knee deep in ELF load time relocation, and thoroughly questioning life choices 🥴