Ron Bowes
@iagox86.bsky.social
Principal Security Researcher at GreyNoise. https://skullsecurity.org
Mostly post about work stuff, maybe some improv stuff and maybe even magic some day. Seattle-based (originally Canadian), queer, cybersecurity nerd.
(He/him)
Mostly post about work stuff, maybe some improv stuff and maybe even magic some day. Seattle-based (originally Canadian), queer, cybersecurity nerd.
(He/him)
Reposted by Ron Bowes
Not sure who made this, but probably the most accurate representation of the current state of tech to date
November 20, 2025 at 10:59 PM
Not sure who made this, but probably the most accurate representation of the current state of tech to date
Reposted by Ron Bowes
We now have a (draft) @metasploit-r7.bsky.social exploit module for the recent Fortinet FortiWeb vulns, chaining CVE-2025-64446 (auth bypass) + CVE-2025-58034 (command injection) to achieve unauthenticated RCE with root privileges: github.com/rapid7/metas...
November 21, 2025 at 1:29 PM
We now have a (draft) @metasploit-r7.bsky.social exploit module for the recent Fortinet FortiWeb vulns, chaining CVE-2025-64446 (auth bypass) + CVE-2025-58034 (command injection) to achieve unauthenticated RCE with root privileges: github.com/rapid7/metas...
Reposted by Ron Bowes
Grok has been reprogrammed to say Musk is better than everyone at everything, including blowjobs, piss drinking, playing quarterback, conquering Europe, etc.
Elon Musk Could 'Drink Piss Better Than Any Human in History,' Grok Says
Grok has been reprogrammed to say Musk is better than everyone at everything, including blowjobs, piss drinking, playing quarterback, conquering Europe, etc.
www.404media.co
November 20, 2025 at 10:15 PM
Grok has been reprogrammed to say Musk is better than everyone at everything, including blowjobs, piss drinking, playing quarterback, conquering Europe, etc.
Who's in Montreal for #Suricon? I'm there speaking and representing @greynoise.io! Come say hi!
We also have a very limited special giveaway. Pro tip: if people ask me for it then I don't have to work to give them away, so if you want a cool prototype thing then just ask!
We also have a very limited special giveaway. Pro tip: if people ask me for it then I don't have to work to give them away, so if you want a cool prototype thing then just ask!
November 18, 2025 at 6:39 PM
Who's in Montreal for #Suricon? I'm there speaking and representing @greynoise.io! Come say hi!
We also have a very limited special giveaway. Pro tip: if people ask me for it then I don't have to work to give them away, so if you want a cool prototype thing then just ask!
We also have a very limited special giveaway. Pro tip: if people ask me for it then I don't have to work to give them away, so if you want a cool prototype thing then just ask!
Reposted by Ron Bowes
EU sanctioned Stark Industries in May. Leaked docs gave them 12 days warning.
Result: ASN shuffle, rebrand to THE.Hosting. Corporate shells changed, network behavior didn't.
We tracked it: AS44477→AS209847. Packets don't lie.
Result: ASN shuffle, rebrand to THE.Hosting. Corporate shells changed, network behavior didn't.
We tracked it: AS44477→AS209847. Packets don't lie.
The Stark Industries Shell Game - When Bulletproof Hosting Proves Bulletproof
EU sanctions hit Stark Industries in May 2025. GreyNoise data shows how the group quietly rebranded to THE.Hosting and kept its malicious infrastructure running.
www.greynoise.io
November 17, 2025 at 8:56 PM
EU sanctioned Stark Industries in May. Leaked docs gave them 12 days warning.
Result: ASN shuffle, rebrand to THE.Hosting. Corporate shells changed, network behavior didn't.
We tracked it: AS44477→AS209847. Packets don't lie.
Result: ASN shuffle, rebrand to THE.Hosting. Corporate shells changed, network behavior didn't.
We tracked it: AS44477→AS209847. Packets don't lie.
Reposted by Ron Bowes
Hey Canada, we're packed up + headed to #SuriCon25! 🇨🇦 Check out our booth and don't miss @ntkramer.bsky.social + @iagox86.bsky.social talk ...and if you happen to run into them or @hrbrmstr.dev around the con, they might have something special for you 🥧...
November 17, 2025 at 6:23 PM
Hey Canada, we're packed up + headed to #SuriCon25! 🇨🇦 Check out our booth and don't miss @ntkramer.bsky.social + @iagox86.bsky.social talk ...and if you happen to run into them or @hrbrmstr.dev around the con, they might have something special for you 🥧...
Reposted by Ron Bowes
The emus are performing arcane summoning rituals in the backyard again.
(This seems particularly appropriate to share today, in response to @tkingfisher.com's recent D&D emu adventures)
(This seems particularly appropriate to share today, in response to @tkingfisher.com's recent D&D emu adventures)
May 6, 2025 at 4:46 PM
The emus are performing arcane summoning rituals in the backyard again.
(This seems particularly appropriate to share today, in response to @tkingfisher.com's recent D&D emu adventures)
(This seems particularly appropriate to share today, in response to @tkingfisher.com's recent D&D emu adventures)
Every week or so, the preview that is didn't ask for, don't use, and don't want expires.
After nearly 10 years, all I can think of is how much I miss the old Duolingo
After nearly 10 years, all I can think of is how much I miss the old Duolingo
November 14, 2025 at 5:25 AM
Every week or so, the preview that is didn't ask for, don't use, and don't want expires.
After nearly 10 years, all I can think of is how much I miss the old Duolingo
After nearly 10 years, all I can think of is how much I miss the old Duolingo
Reposted by Ron Bowes
🚨 GreyNoise for @microsoft.com Sentinel is here!
Filter out internet background noise automatically. Focus on real threats.
#MicrosoftSentinel #AppAssure
🔗 techcommunity.microsoft.com/blog/Microso...
Filter out internet background noise automatically. Focus on real threats.
#MicrosoftSentinel #AppAssure
🔗 techcommunity.microsoft.com/blog/Microso...
November 13, 2025 at 4:02 PM
🚨 GreyNoise for @microsoft.com Sentinel is here!
Filter out internet background noise automatically. Focus on real threats.
#MicrosoftSentinel #AppAssure
🔗 techcommunity.microsoft.com/blog/Microso...
Filter out internet background noise automatically. Focus on real threats.
#MicrosoftSentinel #AppAssure
🔗 techcommunity.microsoft.com/blog/Microso...
Reposted by Ron Bowes
For folks (and journalists) who want to search the Oversight Committee email texts, I made a database for searching the 20k text files:
splendorous-chaja-f79791.netlify.app
splendorous-chaja-f79791.netlify.app
Epstein Document Search
splendorous-chaja-f79791.netlify.app
November 13, 2025 at 1:12 AM
For folks (and journalists) who want to search the Oversight Committee email texts, I made a database for searching the 20k text files:
splendorous-chaja-f79791.netlify.app
splendorous-chaja-f79791.netlify.app
Reposted by Ron Bowes
The Jokers of Magic return in 2026 with dates in January and March! See tour dates and ticket links at…
The Jokers of Magic
Experience The Jokers of Magic live! Comedy magicians from America's Got Talent, Penn & Teller's Fool Us & SNL. Tour dates across the US in 2026.
www.jokersofmagic.com
November 12, 2025 at 10:54 AM
The Jokers of Magic return in 2026 with dates in January and March! See tour dates and ticket links at…
Marriott cancelled my Sonder booking (due to bankruptcy or something) and I'm having to jump through loops for a refund.. pretty sure this is what Chargebacks are for but that feels like the nuclear option
Also this means I have less than a week to re-book my stay in Montreal...
Also this means I have less than a week to re-book my stay in Montreal...
November 10, 2025 at 5:41 PM
Marriott cancelled my Sonder booking (due to bankruptcy or something) and I'm having to jump through loops for a refund.. pretty sure this is what Chargebacks are for but that feels like the nuclear option
Also this means I have less than a week to re-book my stay in Montreal...
Also this means I have less than a week to re-book my stay in Montreal...
Reposted by Ron Bowes
Reposted by Ron Bowes
@aminal_crossing on ig was banned for posting this
November 6, 2025 at 9:15 PM
@aminal_crossing on ig was banned for posting this
Reposted by Ron Bowes
We’ve launched At The Edge, a weekly brief for GreyNoise customers highlighting shifts in attacker behavior seen across the Global Observation Grid (GOG).
Human-led analysis that turns internet noise into insight defenders can act on.
#ThreatIntel #GreyNoise
Human-led analysis that turns internet noise into insight defenders can act on.
#ThreatIntel #GreyNoise
November 6, 2025 at 3:00 PM
We’ve launched At The Edge, a weekly brief for GreyNoise customers highlighting shifts in attacker behavior seen across the Global Observation Grid (GOG).
Human-led analysis that turns internet noise into insight defenders can act on.
#ThreatIntel #GreyNoise
Human-led analysis that turns internet noise into insight defenders can act on.
#ThreatIntel #GreyNoise
Reposted by Ron Bowes
We deployed MCP honeypots to understand how threat actors engage with AI middleware exposed to the internet. What we observed was unexpected. Full analysis ⬇️
#GreyNoise #AI #AISecurity #MCP #MCPSecurity #Cybersecurity #ThreatIntel
#GreyNoise #AI #AISecurity #MCP #MCPSecurity #Cybersecurity #ThreatIntel
What GreyNoise Learned from Deploying MCP Honeypots
GreyNoise deployed MCP honeypots to see what happens when AI middleware meets the open internet — revealing how attackers interact with this new layer of AI infrastructure.
www.greynoise.io
November 5, 2025 at 7:15 PM
We deployed MCP honeypots to understand how threat actors engage with AI middleware exposed to the internet. What we observed was unexpected. Full analysis ⬇️
#GreyNoise #AI #AISecurity #MCP #MCPSecurity #Cybersecurity #ThreatIntel
#GreyNoise #AI #AISecurity #MCP #MCPSecurity #Cybersecurity #ThreatIntel
Reposted by Ron Bowes
GreyNoise has observed a surge in PHP exploitation activity since late summer — now peaking as attackers deploy cryptominers at scale. Full analysis ⬇️ #GreyNoise #PHP #ThreatIntel
PHP Cryptomining Campaign: October/November 2025
From Aug–Oct 2025, GreyNoise observed a surge in exploitation attempts against PHP and PHP-based frameworks as attackers deployed cryptominers—driven by rising Bitcoin prices and higher mining payoffs...
www.greynoise.io
November 4, 2025 at 4:36 PM
GreyNoise has observed a surge in PHP exploitation activity since late summer — now peaking as attackers deploy cryptominers at scale. Full analysis ⬇️ #GreyNoise #PHP #ThreatIntel
Reposted by Ron Bowes
Headed to #FalConEurope2025 this week? Come by booth 45 and chat with the team. On Wednesday, continue the conversation at our joint happy hour with Cribl + NetBuilder from 7-?? at Nobu Barcelona, sign up today! ⬇️
GreyNoise - Dinner and Drinks at Fal.Con
Join GreyNoise, Cribl, and Netbuilder on Wednesday, 5 November, for dinner and drinks after a long day at Fal.Con Europe.
info.greynoise.io
November 3, 2025 at 6:40 PM
Headed to #FalConEurope2025 this week? Come by booth 45 and chat with the team. On Wednesday, continue the conversation at our joint happy hour with Cribl + NetBuilder from 7-?? at Nobu Barcelona, sign up today! ⬇️
Reposted by Ron Bowes
turned this on to highlight spam accounts and I’m learning a lot about who has insomnia and/or posts when they get up to pee in the middle of the night
bsky.app
November 2, 2025 at 7:18 PM
turned this on to highlight spam accounts and I’m learning a lot about who has insomnia and/or posts when they get up to pee in the middle of the night
Reposted by Ron Bowes
Happy Halloween from your fave GreyNerds 🍬🍫
October 31, 2025 at 9:21 PM
Happy Halloween from your fave GreyNerds 🍬🍫
Reposted by Ron Bowes
Tune in for a very spooky GreyNoise University LIVE, tomorrow October 30th @ 12 ET. Sign up today, if you dare! 🕸️
GreyNoise University LIVE
www.greynoise.io
October 29, 2025 at 3:56 PM
Tune in for a very spooky GreyNoise University LIVE, tomorrow October 30th @ 12 ET. Sign up today, if you dare! 🕸️
Reposted by Ron Bowes
We derestricted crbug.com/382005099 today which might just be my favorite bug of the last few years: bad interaction between WebAudio changing the CPU's handling of floats and V8 not expecting that. See crbug.com/382005099#co... for a PoC exploit. Also affected other browsers
October 29, 2025 at 2:27 PM
We derestricted crbug.com/382005099 today which might just be my favorite bug of the last few years: bad interaction between WebAudio changing the CPU's handling of floats and V8 not expecting that. See crbug.com/382005099#co... for a PoC exploit. Also affected other browsers
Reposted by Ron Bowes
Sent to me by an associate, confirmed true on multiple accounts.
Note: This is hidden in Android app and needs to be addressed from desktop webapp.
Note: This is hidden in Android app and needs to be addressed from desktop webapp.
October 27, 2025 at 8:34 PM
Sent to me by an associate, confirmed true on multiple accounts.
Note: This is hidden in Android app and needs to be addressed from desktop webapp.
Note: This is hidden in Android app and needs to be addressed from desktop webapp.
Reposted by Ron Bowes
TLDR; The PSF has made the decision to put our community and our shared diversity, equity, and inclusion values ahead of seeking $1.5M in new revenue. Please read and share. pyfound.blogspot.com/2025/10/NSF-...
🧵
🧵
The official home of the Python Programming Language
www.python.org
October 27, 2025 at 2:47 PM
TLDR; The PSF has made the decision to put our community and our shared diversity, equity, and inclusion values ahead of seeking $1.5M in new revenue. Please read and share. pyfound.blogspot.com/2025/10/NSF-...
🧵
🧵
Reposted by Ron Bowes
Ron (@iagox86.bsky.social) and I are presenting at #Suricon (Montreal) next month! If you're around, you'll definitely want to find us for some sweet swag (oh, and our talk is pretty cool too!).
suricon.net/agenda-m...
suricon.net/agenda-m...
October 21, 2025 at 2:37 PM
Ron (@iagox86.bsky.social) and I are presenting at #Suricon (Montreal) next month! If you're around, you'll definitely want to find us for some sweet swag (oh, and our talk is pretty cool too!).
suricon.net/agenda-m...
suricon.net/agenda-m...