Catch up on all the week's security news, including the NPM package compromises, the Wyden letter to the FTC, and the new Apple memory safety push, in our latest podcast episode. decipher.sc/videos/npm-p...

When we launched in 2018, the first piece on the site was part one of our four-part oral history of the L0pht. We were able to rescue that series from the archives. Here's that first part again. Enjoy! decipher.sc/2025/07/24/w...

New pod! We talked through the Salesloft fallout, the potential for a long tail from the incident, and a new shared vision on SBOM from CISA, NSA, and many foreign gov cyber agencies. youtu.be/HCxV7Fsh7v0?...

So much of what was said here still rings true 10 years later

“The federal judiciary has repeatedly proven itself incapable of protecting the highly sensitive and confidential information with which it has been entrusted." @wyden.senate.gov decipher.sc/2025/09/03/w...

365 days since our last podcast episode, me and @lindseyodwelch.bsky.social are back and so is @deciphersec.bsky.social! Join us! We have lots of cool stuff on the way.

Hello friends! We're very excited to let you know.... WE ARE BACK! Our first video and podcast is live now, and our new site is live as well. Please have a look, share, and follow us wherever you find fine internet content! youtu.be/2cg7ljpvzdg?...

Invisible until it breaks: The risk of cutting costs and undervaluing cybersecurity www.fastcompany.com/91352486/inv...

Government internet shutdowns are quite common to silence dissent, but I think this is the first time that a government has shut down the internet in its own country as a defensive measure against cyberattacks.

I didn’t know the depths to which Twitter could go in it’s unhinged dumpster fire cesspool-ness, but it surpassed my expectations this month

First time getting warm+butter as a New Englander used to cold+mayo. It was eye opening

Man, why can't the world just be normal for a few days

Everyone needs a cybersecurity guy

Missed this week's @huntress.com Tradecraft Tuesday episode on infostealers? You can catch up on YouTube⤵️ www.youtube.com/live/pzjzdeA...

Post-exploitation activities observed stemming from the Samsung MagicINFO 9 Server flaw, in a nutshell: www.huntress.com/blog/post-ex...

A win is a win

🎉 May Tradecraft Tuesday 🎉 Excited to talk about infostealers next week with Greg Linares as part of the @huntress.com May Tradecraft Tuesday.

I’m a big believer that the worst of human nature comes out in two places: on social media and on roundabouts

Tech these days

You have unlocked visual derision Taylor

Went to the #DBIR for the footnotes. Was not disappointed.

Some good takeaways from @huntress.com’s recent Tradecraft Tuesday ft. Patrick Wardle: -The impact of Apple bringing TCC events to Endpoint Security -#Mac malware persistence techniques vs BTM -Security alert inundation for #macOS users Catch up here⤵️ www.huntress.com/blog/say-hel...

So a ransomware attack on the federal public defender's office in Phoenix has delayed the trial of Donald Day, Jr, who is accused of inciting the unprecedented fundamentalist Christian terrorist attack in Wieambilla, Australia, in 2022. www.azfamily.com/2025/04/23/t...

What’s the going rate for the tooth fairy these days?

Post-exploitation activity we found for *that* critical-severity CrushFTP flaw: -MeshAgent installs ➡️ non admin users to local administrators groups -AnyDesk RMM installs ➡️ credential harvesting -Telegram bot malware 🤖

👀 woah... Google announces Sec-Gemini v1, a new experimental cybersecurity model security.googleblog....

hear hear

For the last few days we are also scanning & reporting out exposed Ingress NGINX Controller for Kubernetes (Admission Controller feature). These may possibly be also vulnerable to CVE-2025-1974 & other recently disclosed vulnerabilities. We see around 4000 IPs exposed.

Parenthood is judging people for sending their kids to daycare with a cough, and then sending your kid to daycare with a cough the next day

Pi day was Friday and St. Patrick’s day is Monday… therefore I made Shepard’s Pie

a cybersecurity bracket looking at red team tools? Count me in.

🚨 The 2025 Ultimate Red Team Tool Showdown is here! 🚨 We’re putting the top offensive security tools head-to-head, but only ONE will take the crown. And it’s all up to YOU! Check out the full bracket & cast your votes: bishopfox.com/redteam-tool...

Garantex, a major Russian cashout point for dirty cryptocurrency of all kinds in recent years, is currently down with a law enforcement seizure notice.

The only good thing about Zero Day on Netflix is that I got to explain to my husband what a zero-day flaw is

Smishers be smishing.

The FTC emailed almost 3.7 million Avast customers who bought the company's antivirus and are now entitled to refunds due to the company illegally selling their data. Claim it quick before Musk takes this FTC division down 🤣 www.ftc.gov/news-events/...

Is this still gonna happen? www.fcc.gov/CyberTrustMark

Highly do not recommend running 13.1 miles after couch potato-ing for 3 months

New Englanders emerging from their homes when the weather reaches 40 degrees

Boston, whatcha up to March 1-2?

Ai broke hiring. From chatgpt answer generators to North Korean spies. Gonna get worse before it gets better. youtu.be/oLnX9ZfzAv4?...

Decipher forever and ever

One year on, what systemic fixes have been undertaken by whom. - Last I heard, most industry groups are cool with things as is - HHS seemed like they might try to step up, but didn't - CISA went quiet on helping healthcare after the COVID Task Force was disbanded - A few Congressional proposals

Severance Reddit sleuths > Lost Reddit sleuths

Good overview from @talosintelligence.com on what is happening with Volt Typhoon in the Telco Infrastructure.

Just realized the Change Healthcare ransomware attack was first detected a year ago (Feb. 21, 2024) Here are the aspects of the attack that I'm still thinking about a year later duo.com/decipher/nat...

A coordinated international law enforcement action last week has led to the arrest of four individuals leading the 8Base #ransomware group www.europol.europa.eu/media-press/...