jamesejr
@jamesejr.com
Security Engineer @ Discord. Detection & Response Engineering. Previously @ Cloudflare.
Technology, food, travel, and photography. https://jamesejr.com
Technology, food, travel, and photography. https://jamesejr.com
Reposted by jamesejr
NEW: Cellebrite, maker of phone unlocking tech, to buy mobile testing startup Corellium for $170 million.
Phone unlocking firm Cellebrite to acquire mobile testing startup Corellium for $170M | TechCrunch
Cellebrite said the deal will help with the "accelerated identification of mobile vulnerabilities and exploits."
techcrunch.com
June 5, 2025 at 12:47 PM
NEW: Cellebrite, maker of phone unlocking tech, to buy mobile testing startup Corellium for $170 million.
Reposted by jamesejr
Yuck. Meta apps listen on localhost on Android so that tracking scripts can talk to apps, and Meta can monitor your browsing and tie it to identity. Why is that allowed? www.theregister.com/2025/06/03/m...
Meta Pixel halts Android localhost tracking after disclosure
: Zuckercorp and Yandex used localhost loophole to tie browser data to app users, say boffins
www.theregister.com
June 4, 2025 at 1:47 AM
Yuck. Meta apps listen on localhost on Android so that tracking scripts can talk to apps, and Meta can monitor your browsing and tie it to identity. Why is that allowed? www.theregister.com/2025/06/03/m...
Reposted by jamesejr
For those leaving Meta apps and services: if you’re looking for a What’s App alternative, download Signal.
Safe & secure: signal.org/download/
Safe & secure: signal.org/download/
Download Signal
Download Signal for Android, iOS, Linux, macOS, and Windows.
signal.org
January 25, 2025 at 8:02 AM
For those leaving Meta apps and services: if you’re looking for a What’s App alternative, download Signal.
Safe & secure: signal.org/download/
Safe & secure: signal.org/download/
Reposted by jamesejr
Some data breaches include novel information about us, are the result of particularly noteworthy security flaws, or are just so massive they’re impossible to ignore. Here’s EFF’s list of some of the most egregious data breaches of 2024.
The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year
Privacy isn’t dead. While some information about you is almost certainly out there, that’s no reason for despair. In fact, it’s a good reason to take action.
www.eff.org
January 12, 2025 at 5:04 PM
Some data breaches include novel information about us, are the result of particularly noteworthy security flaws, or are just so massive they’re impossible to ignore. Here’s EFF’s list of some of the most egregious data breaches of 2024.
Resharing for reaaaaachhh! 🙌🏽🚀
I'm trying to bring together a starter pack of women in tech but they are much tougher to find and the ones I followed on X are not all there yet 👀
Who should I add in? 👋
go.bsky.app/KhpT4TM
Who should I add in? 👋
go.bsky.app/KhpT4TM
November 27, 2024 at 8:19 AM
Resharing for reaaaaachhh! 🙌🏽🚀
Reposted by jamesejr
DualCore and I spoke at the Red Team Village this year. Here are the slides. QR code with link to gist with all the reference links on last page. Unfortunately it wasn't recorded.
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
Modern Red Teaming: macOS, K8s, and Cloud - RTV 24 (Public)
Modern Red Teaming: macOS, K8s, and Cloud Carnal0wnage int0x80
docs.google.com
November 24, 2024 at 7:35 PM
DualCore and I spoke at the Red Team Village this year. Here are the slides. QR code with link to gist with all the reference links on last page. Unfortunately it wasn't recorded.
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
Why did I wait so long to do this? 🤷🏽♂️ I've had a super old Evernote account that I stopped using a long time ago. I finally exported everything out and closed my account! I've been using Standard Notes (but lately eyeing Notesnook). Check them out!
standardnotes.com
notesnook.com
#Security #Privacy
standardnotes.com
notesnook.com
#Security #Privacy
November 24, 2024 at 5:04 AM
Why did I wait so long to do this? 🤷🏽♂️ I've had a super old Evernote account that I stopped using a long time ago. I finally exported everything out and closed my account! I've been using Standard Notes (but lately eyeing Notesnook). Check them out!
standardnotes.com
notesnook.com
#Security #Privacy
standardnotes.com
notesnook.com
#Security #Privacy
Reposted by jamesejr
Russian spies—likely Russia's GRU intelligence agency—used a new trick to hack a victim in Washington, DC: They remotely infected another network in a building across the street, hijacked a laptop there, then breached the target organization via its Wifi. www.wired.com/story/russia...
Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack
In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
www.wired.com
November 22, 2024 at 12:06 PM
Russian spies—likely Russia's GRU intelligence agency—used a new trick to hack a victim in Washington, DC: They remotely infected another network in a building across the street, hijacked a laptop there, then breached the target organization via its Wifi. www.wired.com/story/russia...
Wouldn't have it any other way... 🤣
November 22, 2024 at 1:45 AM
Wouldn't have it any other way... 🤣
Reposted by jamesejr
Det. Eng. Weekly Issue 93 is live! https://buff.ly/3UWj3xG
* 💎 by Andrew VanVleet on resiliency in your detection stack
* @anton1chuvakin.bsky.social on alert fatigue and reframing alert labeling to more than just false positives and true positives
(more in thread..)
* 💎 by Andrew VanVleet on resiliency in your detection stack
* @anton1chuvakin.bsky.social on alert fatigue and reframing alert labeling to more than just false positives and true positives
(more in thread..)
Det. Eng. Weekly #93 - Does a tangodown 3-peat count after a week off?
I take a week off publishing and a ransomware operator gets arrested, coincidence?
www.detectionengineering.net
November 20, 2024 at 2:12 PM
Det. Eng. Weekly Issue 93 is live! https://buff.ly/3UWj3xG
* 💎 by Andrew VanVleet on resiliency in your detection stack
* @anton1chuvakin.bsky.social on alert fatigue and reframing alert labeling to more than just false positives and true positives
(more in thread..)
* 💎 by Andrew VanVleet on resiliency in your detection stack
* @anton1chuvakin.bsky.social on alert fatigue and reframing alert labeling to more than just false positives and true positives
(more in thread..)
😱 yikes, this is wild! Great read and investigation!
November 20, 2024 at 8:06 AM
😱 yikes, this is wild! Great read and investigation!
Mercury Cafe in SF is vibes ☕🤌🏽 places like this make me miss Chicago's Jupiter Outpost, which sadly closed permanently. What coffee shops do you frequent, #sanfrancisco?
November 17, 2024 at 8:42 PM
Mercury Cafe in SF is vibes ☕🤌🏽 places like this make me miss Chicago's Jupiter Outpost, which sadly closed permanently. What coffee shops do you frequent, #sanfrancisco?
👏🏽 Awesome! Happy to see this.
Signal just released a ton of new call features that would be perfect for organizing, hint hint.
signal.org/blog/call...
signal.org/blog/call...
Improving Private Signal Calls: Call Links & More
If you love group calls on Signal, but don’t want to create a group chat for every combination of your friends or colleagues, you’re in luck. Today we’re launching call links: Share a link with anyone on Signal and in just a tap or click they can join the call. No group chat required.
signal.org
November 11, 2024 at 7:09 PM
👏🏽 Awesome! Happy to see this.
"The secret of happiness is freedom, and the secret of freedom is courage." - Thucydides
Happy Veterans Day! 🇺🇸 Thank you for your service and sacrifice. 🙏🏽
Happy Veterans Day! 🇺🇸 Thank you for your service and sacrifice. 🙏🏽
November 11, 2024 at 3:54 PM
"The secret of happiness is freedom, and the secret of freedom is courage." - Thucydides
Happy Veterans Day! 🇺🇸 Thank you for your service and sacrifice. 🙏🏽
Happy Veterans Day! 🇺🇸 Thank you for your service and sacrifice. 🙏🏽
🎉 Loveee to see that! It's the little things that do it for me 😅
Bluesky profiles now display on GitHub! 🦋
Skies looking pretty blue @github.com now 😎
November 2, 2024 at 7:59 AM
🎉 Loveee to see that! It's the little things that do it for me 😅
Reposted by jamesejr
The Microsoft team found SOHO routers manufactured by TP-Link made up most of a covert network of compromised devices used for Storm-0940 hacking operations. They exploit a vulnerability in the routers to gain remote code execution capability for a botnet
www.microsoft.com/en-us/securi...
www.microsoft.com/en-us/securi...
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network | Microsoft Security Blog
Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks....
www.microsoft.com
November 1, 2024 at 2:42 PM
The Microsoft team found SOHO routers manufactured by TP-Link made up most of a covert network of compromised devices used for Storm-0940 hacking operations. They exploit a vulnerability in the routers to gain remote code execution capability for a botnet
www.microsoft.com/en-us/securi...
www.microsoft.com/en-us/securi...
Reposted by jamesejr
This account @andygreenberg.bsky.social appears to be impersonating me and spamming/scamming people. Please report!
October 28, 2024 at 3:53 PM
This account @andygreenberg.bsky.social appears to be impersonating me and spamming/scamming people. Please report!
Ah, la dolce vita 🇮🇹 take me back! Missing my slow and simple mornings ☕ 🥐 can't wait to visit again!
#italy #travel #photography #fujifilm #x100v
#italy #travel #photography #fujifilm #x100v
October 27, 2024 at 10:24 PM
Ah, la dolce vita 🇮🇹 take me back! Missing my slow and simple mornings ☕ 🥐 can't wait to visit again!
#italy #travel #photography #fujifilm #x100v
#italy #travel #photography #fujifilm #x100v
Soo... I've been rocking @grapheneos.org for several months now (longgggg time iOS user) and wish I would have transitioned a long time ago! I'm by no means perfect, but taking baby steps has been kinda fun! 🤓
#security #privacy
#security #privacy
October 25, 2024 at 4:55 AM
Soo... I've been rocking @grapheneos.org for several months now (longgggg time iOS user) and wish I would have transitioned a long time ago! I'm by no means perfect, but taking baby steps has been kinda fun! 🤓
#security #privacy
#security #privacy
Reposted by jamesejr
