Ron Bowes
@iagox86.bsky.social
Principal Security Researcher at GreyNoise. https://skullsecurity.org
Mostly post about work stuff, maybe some improv stuff and maybe even magic some day. Seattle-based (originally Canadian), queer, cybersecurity nerd.
(He/him)
Mostly post about work stuff, maybe some improv stuff and maybe even magic some day. Seattle-based (originally Canadian), queer, cybersecurity nerd.
(He/him)
Days since somebody dropped a huge 0-day on the oss-security mailing list: 0
seclists.org/oss-sec/2026...
seclists.org/oss-sec/2026...
oss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetd
seclists.org
January 20, 2026 at 8:41 PM
Days since somebody dropped a huge 0-day on the oss-security mailing list: 0
seclists.org/oss-sec/2026...
seclists.org/oss-sec/2026...
This is a realllllllll bad vuln (thankfully, I don't think a ton of people use inetutils telnet): infosec.exchange/@iagox86/115...
GreyNoise tag: viz.greynoise.io/tags/inetuti...
GreyNoise tag: viz.greynoise.io/tags/inetuti...
Ron Bowes (@iagox86@infosec.exchange)
@raptor Confirmed that that works between two containers, wild!
```
$ podman run --network lab --rm -it ubuntu bash
...
$ apt update && apt-get install inetutils-telnetd telnet
$ sed -i 's/#<off># te...
infosec.exchange
January 20, 2026 at 8:37 PM
This is a realllllllll bad vuln (thankfully, I don't think a ton of people use inetutils telnet): infosec.exchange/@iagox86/115...
GreyNoise tag: viz.greynoise.io/tags/inetuti...
GreyNoise tag: viz.greynoise.io/tags/inetuti...
Reposted by Ron Bowes
I just woke up from a nap and somehow while I was asleep, everyone on the bus has figured out we are not going to the right place
January 20, 2026 at 1:57 AM
I just woke up from a nap and somehow while I was asleep, everyone on the bus has figured out we are not going to the right place
Reposted by Ron Bowes
If you're a soldier in the 11th Airborne Division being ordered to prep for deployment to Minnesota or Greenland, remember that you have the right to apply for conscientious objector status.
Call the GI Bill Rights hotline: 1-877-447-4487
Call the GI Bill Rights hotline: 1-877-447-4487
January 19, 2026 at 7:23 PM
If you're a soldier in the 11th Airborne Division being ordered to prep for deployment to Minnesota or Greenland, remember that you have the right to apply for conscientious objector status.
Call the GI Bill Rights hotline: 1-877-447-4487
Call the GI Bill Rights hotline: 1-877-447-4487
Reposted by Ron Bowes
Have you ever tried to find JSON Web Token (JWT) bugs?
5 ideas to try 👇
5 ideas to try 👇
January 19, 2026 at 3:11 PM
Have you ever tried to find JSON Web Token (JWT) bugs?
5 ideas to try 👇
5 ideas to try 👇
Oh no, what did @obsidian.md do to their UI?? I liked the UI so much and now it's suddenly all liquid glass-y with things workout hovering and I hate it :-(
January 16, 2026 at 6:27 AM
Oh no, what did @obsidian.md do to their UI?? I liked the UI so much and now it's suddenly all liquid glass-y with things workout hovering and I hate it :-(
Reposted by Ron Bowes
Chimps are sticking grass and sticks in their butts, seemingly as a fashion trend www.cbc.ca/radio/asitha...
Chimps are sticking grass and sticks in their butts, seemingly as a fashion trend | CBC Radio
A group of chimpanzees in Zambia have resurrected an old fashion trend with a surprising new twist.
www.cbc.ca
January 15, 2026 at 2:34 PM
Chimps are sticking grass and sticks in their butts, seemingly as a fashion trend www.cbc.ca/radio/asitha...
Reposted by Ron Bowes
Important question for software developers: what do you wish you knew more about in regard to creating more secure software? If you could suddenly know something, like Neo in the matrix, what would it be?
I will see if I can help.
I will see if I can help.
January 14, 2026 at 11:29 PM
Important question for software developers: what do you wish you knew more about in regard to creating more secure software? If you could suddenly know something, like Neo in the matrix, what would it be?
I will see if I can help.
I will see if I can help.
Reposted by Ron Bowes
I'm no political savant but I feel like when one side is openly terrorizing and killing its citizens the other side should find it pretty easy to win.
January 12, 2026 at 6:42 PM
I'm no political savant but I feel like when one side is openly terrorizing and killing its citizens the other side should find it pretty easy to win.
Reposted by Ron Bowes
New on the GreyNoise blog: We borrow from some unexpected fields, enzyme kinetics, species biodiversity models, astrophotography, to understand internet-wide scanning activity and measure what we might be missing.
#GreyNoise #Cybersecurity
#GreyNoise #Cybersecurity
Filtering Noise in (Cyber)Space
Dive into the scientific methods GreyNoise uses to separate internet noise from real threats, providing defenders a clearer, more accurate view of malicious activity.
www.greynoise.io
January 12, 2026 at 9:14 PM
New on the GreyNoise blog: We borrow from some unexpected fields, enzyme kinetics, species biodiversity models, astrophotography, to understand internet-wide scanning activity and measure what we might be missing.
#GreyNoise #Cybersecurity
#GreyNoise #Cybersecurity
Great place to work!
🚨 We are hiring across sales, alliances, and customer experience for our US + EMEA teams 🌍
See a role you'd crush? We would love to hear from you!
👉 Apply now: greynoise.io/careers
#hiring #cybersecuritycareers
See a role you'd crush? We would love to hear from you!
👉 Apply now: greynoise.io/careers
#hiring #cybersecuritycareers
January 12, 2026 at 4:45 PM
Great place to work!
Reposted by Ron Bowes
Since we’re doing starter packs again, here’s @patrickhowelloneill.com’s list of cybersecurity and information security folks
go.bsky.app/JvFS98y
go.bsky.app/JvFS98y
January 11, 2026 at 3:16 PM
Since we’re doing starter packs again, here’s @patrickhowelloneill.com’s list of cybersecurity and information security folks
go.bsky.app/JvFS98y
go.bsky.app/JvFS98y
Reposted by Ron Bowes
Reposted by Ron Bowes
GreyNoise analyzed activity targeting exposed Ollama and LLM infrastructure, identifying SSRF abuse attempts and large-scale probing of LLM model endpoints.
#GreyNoise #ThreatIntelligence #LLMSecurity
#GreyNoise #ThreatIntelligence #LLMSecurity
Threat Actors Actively Targeting LLMs
Our Ollama honeypot infrastructure captured 91,403 attack sessions between October 2025 and January 2026. Buried in that data: two distinct campaigns that reveal how threat actors are systematically m...
www.greynoise.io
January 8, 2026 at 7:58 PM
GreyNoise analyzed activity targeting exposed Ollama and LLM infrastructure, identifying SSRF abuse attempts and large-scale probing of LLM model endpoints.
#GreyNoise #ThreatIntelligence #LLMSecurity
#GreyNoise #ThreatIntelligence #LLMSecurity
Reposted by Ron Bowes
Ransomware starts with reconnaissance: we observed a recent large-scale scanning campaign validating exploitable systems, data that feeds the initial access market and shows up later in real attacks. 🕵️♀️
#GreyNoise #Ransomware #InitialAccess #IAB #Recon
#GreyNoise #Ransomware #InitialAccess #IAB #Recon
The Ransomware Ground Game: How A Christmas Scanning Campaign Will Fuel 2026 Attacks
Over four days in December, one operator scanned the internet with 240+ exploits, logging confirmed vulnerabilities that could power targeted intrusions in 2026.
www.greynoise.io
January 8, 2026 at 3:03 PM
Ransomware starts with reconnaissance: we observed a recent large-scale scanning campaign validating exploitable systems, data that feeds the initial access market and shows up later in real attacks. 🕵️♀️
#GreyNoise #Ransomware #InitialAccess #IAB #Recon
#GreyNoise #Ransomware #InitialAccess #IAB #Recon
Reposted by Ron Bowes
I've gotta say.. playing SANS Holiday Hack Challenge (#hhc) this year and seeing that the entire thing was AI generated was so disappointing.. when I worked there, the human touch was the most important part. Now it's 100% slop.
I guess capitalism comes for everything eventually..
I guess capitalism comes for everything eventually..
December 31, 2025 at 4:47 PM
I've gotta say.. playing SANS Holiday Hack Challenge (#hhc) this year and seeing that the entire thing was AI generated was so disappointing.. when I worked there, the human touch was the most important part. Now it's 100% slop.
I guess capitalism comes for everything eventually..
I guess capitalism comes for everything eventually..
Reposted by Ron Bowes
Last year, I got to spend a day a day at Pachyderm Studios with The Cropdusters, documenting the creation of the album. Some of those shots made it into the liner notes. This fall, I shot some artwork for the album cover. It feels pretty wild to see my work on an album cover!
#PhotographersUnited
#PhotographersUnited
December 21, 2025 at 4:40 AM
Last year, I got to spend a day a day at Pachyderm Studios with The Cropdusters, documenting the creation of the album. Some of those shots made it into the liner notes. This fall, I shot some artwork for the album cover. It feels pretty wild to see my work on an album cover!
#PhotographersUnited
#PhotographersUnited
Reposted by Ron Bowes
Are you a security researcher or journalist? We want to hear from you — please take this survey!
Dissent Doe at DataBreaches.net, and yours truly at this.weekinsecurity.com, are running this survey to explore the state of legal demands and criminal threats in cybersecurity.
Dissent Doe at DataBreaches.net, and yours truly at this.weekinsecurity.com, are running this survey to explore the state of legal demands and criminal threats in cybersecurity.
Survey about legal and criminal threats experienced by journalists and security researchers
Researchers who try to responsibly disclose leaks, vulnerabilities, and other security breaches or mishaps may face legal threats or lawsuits. Similarly, journalists may find themselves threatened wit...
forms.gle
December 20, 2025 at 2:32 PM
Are you a security researcher or journalist? We want to hear from you — please take this survey!
Dissent Doe at DataBreaches.net, and yours truly at this.weekinsecurity.com, are running this survey to explore the state of legal demands and criminal threats in cybersecurity.
Dissent Doe at DataBreaches.net, and yours truly at this.weekinsecurity.com, are running this survey to explore the state of legal demands and criminal threats in cybersecurity.
As this year up and everybody is using AI to write emails and blog posts and readmes and basically everything else, and it's making the world feel so lonely. I miss human connections
December 20, 2025 at 12:00 AM
As this year up and everybody is using AI to write emails and blog posts and readmes and basically everything else, and it's making the world feel so lonely. I miss human connections
Reposted by Ron Bowes
See you all TOMORROW at 12ET for our last GreyNoise University LIVE of the year! ✨
GreyNoise University LIVE
www.greynoise.io
December 17, 2025 at 6:38 PM
See you all TOMORROW at 12ET for our last GreyNoise University LIVE of the year! ✨
Reposted by Ron Bowes
Update: Analyzing React2Shell payloads. Full breakdown from @hrbrmstr.dev 👇
#React2Shell #Nextjs #CVE202555182
#React2Shell #Nextjs #CVE202555182
React2Shell Payload Analysis: A Look at Selected Opportunistic and Possibly AI-
Over the past ~1.5 weeks, the React2Shell campaign has unleashed a flood of exploitation attempts targeting vulnerable React Server Components. Analyzing the payload size distribution across these att...
www.greynoise.io
December 17, 2025 at 4:36 PM
Update: Analyzing React2Shell payloads. Full breakdown from @hrbrmstr.dev 👇
#React2Shell #Nextjs #CVE202555182
#React2Shell #Nextjs #CVE202555182
Reposted by Ron Bowes
We keep adding to our lineup! Four shows, one night! Come see They Might Be Ghosts, Stay Silly, Fan / Friction. AND Servant of Two Maestros, this Wednesday at The Vermillion! It's free! What else are you doing on a Wednesday??
Please RSVP! partiful.com/e/cQTefmEPhH...
Please RSVP! partiful.com/e/cQTefmEPhH...
December 14, 2025 at 11:36 PM
We keep adding to our lineup! Four shows, one night! Come see They Might Be Ghosts, Stay Silly, Fan / Friction. AND Servant of Two Maestros, this Wednesday at The Vermillion! It's free! What else are you doing on a Wednesday??
Please RSVP! partiful.com/e/cQTefmEPhH...
Please RSVP! partiful.com/e/cQTefmEPhH...
What else are you gonna do on a Wednesday in #Seattle? Come see us!!
We keep adding to our lineup! Four shows, one night! Come see They Might Be Ghosts, Stay Silly, Fan / Friction. AND Servant of Two Maestros, this Wednesday at The Vermillion! It's free! What else are you doing on a Wednesday??
Please RSVP! partiful.com/e/cQTefmEPhH...
Please RSVP! partiful.com/e/cQTefmEPhH...
December 14, 2025 at 11:53 PM
What else are you gonna do on a Wednesday in #Seattle? Come see us!!
Reposted by Ron Bowes
Federal agencies now only have one more day to patch React2Shell bug #cybersecurity #hacking #news #infosec #security #technology #privacy
Federal agencies now only have one more day to patch React2Shell bug
Wide exploitation of the vulnerability known as React2Shell has prompted CISA to reduce the amount of time federal agencies have to patch the bug.
therecord.media
December 12, 2025 at 4:16 PM
Federal agencies now only have one more day to patch React2Shell bug #cybersecurity #hacking #news #infosec #security #technology #privacy