Think you understand how LLMs work? You might be surprised. 😳 In his latest blog post, @blaisebrignac.bsky.social explains the history, challenges, and attack primitives that make securing AI systems such an extreme challenge. Read more: ghst.ly/497pxl0

In Part 1 of my Intune Attack Paths series, I discuss the fundamental components and mechanics of Intune that lead to the emergence of attack paths: posts.specterops.io/intune-attac...

Been working on @dreadnode.bsky.social's Crucible AI CTF and just completed the "What's the flag #6" challenge. Such a fun time! Everyone in chat had a great time providing suggestions. Hats off to the CTF authors, they did a fantastic job! www.youtube.com/live/YTZft0L...

CVE-2023-34990 🤦‍♂️🤦‍♂️

Die Hard is a Harry Potter prequel about Snape's origin story.

being a network engineer

They got the goods, then let their newbies come in to get hands-on experience. Plot twist, experienced operators had a betting pool to see how long till they got detected.

Oh by the way

Using the EDR against itself.

Not to besmirch training courses, but you CAN find the information on blogs all over the Internet. The main benefit to a training course is the organization of the material and the order of presentation. Trying to learn a subject without a dependency order is way harder.

This is pretty sick, and if you have a dedicated cracking rig def worth a try, especially if your pentest is unauthenticated. The chances of cracking a machine account are exceptionally low, maybe 1%, so I wouldn't fire this off in AWS cracking.

Today, I'm thankful I was turned down from my dream job last year. I was crushed and honestly pretty pissed, so I decided to work even harder and learn as much as possible about red teaming. Big shout out to @rastamouse.me for his material at Zero Point Security.