LP
LightNews LightNews
jotunvillur.bsky.social
LP
@jotunvillur.bsky.social
180 followers 50 following 30 posts
Ultrarunner with a powerlifting problem. Sometimes I do cybersecurity.
Posts Replies Media Videos
Reposted by LP
letswastetime.bsky.social
Threat hunting falls apart when your “docs” live in Slack threads.

Part 2 of the @thorcollective.bsky.social Dispatch Agentic Threat Hunting series covers the first step to scaling: put your hunts in a GitHub repo and give your AI bestie memory.

dispatch.thorcollective.com/p/agentic-th...
October 2, 2025 at 10:15 PM
jotunvillur.bsky.social
We at @thorcollective.bsky.social are waking you up before September ends, because a new Ask-a-Thrunt3r episode just dropped with:

2K subscriber milestone 🎉
15 baseline examples
The great data vs. data debate
Plus: Is Git the future of hunting collab?

🎧: dispatch.thorcollective.com/p/ask-a-thru...
Ask-a-Thrunt3r: September 2025 Recap 🐏
Mainly ramblings. And maybe some wisdom.
dispatch.thorcollective.com
October 1, 2025 at 4:26 AM
jotunvillur.bsky.social
You can’t find weird if you don’t know normal.

@thorcollective.bsky.social
just dropped 10 baseline hunts you can shine in the dark parts of your env and magnify the adversaries from the noise.

Join us for all the thrunting 👉: open.substack.com/pub/thorcoll...

#threathunting #infosec
September 23, 2025 at 8:51 PM
Reposted by LP
letswastetime.bsky.social
Cybersecurity needs more than hackers in hoodies.

In this week’s @thorcollective.bsky.social Dispatch, Courtney Shar shares how project management skills like risk alignment, process design, and team coordination directly strengthen security programs.

👉 dispatch.thorcollective.com/p/beyond-hac...
dispatch.thorcollective.com
September 16, 2025 at 3:15 PM
jotunvillur.bsky.social
🚨 Think your browser extensions are harmless?

Join @johntuckner.me for @thorcollective.bsky.social
and learn how to hunt the dangerous ones before they hunt you:

thorcollective.substack.com/p/even-if-ma...

#cybersecurity #infosec #threathunting #thrunting
Even if many plugins are fine, the bad ones are BAD
Sydney recently wrote a great piece about extensions and hunting for IDE plugins.
thorcollective.substack.com
September 12, 2025 at 8:20 PM
Reposted by LP
johntuckner.me
Not subscribed to the THOR Collective Dispatch yet? You might've missed my guest piece on hunting for bad browser extensions. Check if the extension your CFO installed to change text to Comic Sans is also taking screenshots of his Salesforce reports.

dispatch.thorcollective.com/p/even-if-ma...
September 12, 2025 at 8:10 PM
jotunvillur.bsky.social
📻 Ask a Thrunt3r August is here!

DEF CON wisdom unlocked:
🔓 Why your SecOps model isn't working anymore
🎯 Supply chain attacks via AI coding tools
🛠️ One tool
@THOR_Collective
wishes you knew about (hint: it's Sliver)

dispatch.thorcollective.com/p/ask-a-thru...

#threathunting #cybersecurity
Ask-a-Thrunt3r: August 2025 Recap 🐏
Mainly ramblings. And maybe some wisdom.
dispatch.thorcollective.com
September 9, 2025 at 1:52 PM
Reposted by LP
johntuckner.me
Six malicious extensions listed in Cursor and hosted on Open VSX. All are squatting on other packages and are showing above the safe versions they target.
September 7, 2025 at 5:48 PM
Reposted by LP
bengoerz.bsky.social
If you are around DEF CON today, join me at 5pm for “Sh*t Show Triage: An Honest Panel on Incident Response” btv-dc33.sessionize.com/session/966539
Sh*t Show Triage: An Honest Panel on Incident Response
You can start with the best intentions, solid tools, and all the right policies, but what happens when your network moves from “effing around” straight into “finding out”? Join a panel of variously tr...
btv-dc33.sessionize.com
August 9, 2025 at 9:13 PM
Reposted by LP
thorcollective.bsky.social
Shoutout to our fam Elipscion, who's spinning live at DEF CON 33 this Friday at 8pm on the DEF CON stage.
🎧 Listen here: open.spotify.com/artist/2tgPZ...

🔥 Join our @thorcollective.bsky.social meetup during his set. Say hi, talk hunts, and grab some free swag. See you there!
ELIPSCION
Artist · 10 monthly listeners.
open.spotify.com
August 4, 2025 at 5:30 PM
Reposted by LP
archwisp.bsky.social
Oh hey! Did I mention I’m speaking on Saturday? I’ll be in track 1 at 2:30!

defcon.org/html/defcon-...
DEF CON® Hacking Conference - Speakers
defcon.org
August 3, 2025 at 9:22 PM
Reposted by LP
letswastetime.bsky.social
🌵 Calm before the Hacker Summer Camp storm.

July’s Dispatch Debrief is light on posts, heavy on hot takes — from agentic AI to making pentest findings sting.

Catch up before Vegas 👉 dispatch.thorcollective.com/p/dispatch-d...
Dispatch Debrief: July 2025
Consider this the calm before the Hacker Summer Camp storm.
dispatch.thorcollective.com
July 31, 2025 at 9:51 PM
Reposted by LP
letswastetime.bsky.social
Threat hunting is broken.
We can’t out-query adversaries who automate everything.
Enter the agentic threat hunter. An AI that thinks, hypothesizes, investigates, and scales.

In the latest @thorcollective.bsky.social Dispatch, we explore this shift:

📌 dispatch.thorcollective.com/p/the-agenti...
July 27, 2025 at 4:34 PM
Reposted by LP
ajohnsocyber.bsky.social
msrc.microsoft.com/blog/2025/07...

Microsoft is aware of active attacks targeting on-premises SharePoint Server customers. The attacks are exploiting a variant of CVE-2025-49706. This vulnerability has been assigned CVE-2025-53770.

SharePoint Online in Microsoft 365 is not impacted
Customer guidance for SharePoint vulnerability CVE-2025-53770 | MSRC Blog | Microsoft Security Response Center
Customer guidance for SharePoint vulnerability CVE-2025-53770
msrc.microsoft.com
July 20, 2025 at 1:22 AM
Reposted by LP
letswastetime.bsky.social
THRUNTING isn’t just a buzzword. It’s a mindset. 🐑

Inspired by Tim Peters’ 19 aphorisms for Python, @thorcollective.bsky.social Dispatch introduces "The Zen of Thrunting."

dispatch.thorcollective.com/p/the-zen-of...

Stay curious. Happy thrunting.
The Zen of Thrunting
Abstract
dispatch.thorcollective.com
July 3, 2025 at 3:11 PM
Reposted by LP
letswastetime.bsky.social
🔌 That browser extension? That IDE plugin? Might not be doing what you think.

New on @thorcollective.bsky.social Dispatch: five hunt ideas + a PEAK deep dive into sneaky plugin abuse.

Start with visibility. Hunt what blends in.

📖 dispatch.thorcollective.com/p/your-plugi...
Your Plugins and Extensions Are (Probably) Fine. Hunt Them Anyway.
Five hunt ideas (and one deep dive) for abuse hiding in plain sight.
dispatch.thorcollective.com
June 24, 2025 at 3:27 PM
Reposted by LP
letswastetime.bsky.social
New guest post on thorcollective.bsky.social Dispatch from infosecsherpa.bsky.social:

Don’t Let Mis(s) Information Take the Crown 👑

This post shows how to apply the Intelligence Cycle to news and help you filter bias.

Read it here: dispatch.thorcollective.com/p/dont-let-m...
Don't Let Mis(s) Information Take the Crown
Sherpa Intelligence: Your Guide Up a Mountain of Information!
dispatch.thorcollective.com
June 19, 2025 at 6:03 PM
jotunvillur.bsky.social
⚡ New @thorcollective.bsky.social Dispatch drop

No hallucinations here. Just TTPs that quietly defined Q1 2025.

🔐 OAuth abuse
📦 Malicious packages
🖥️ SimpleHelp RMM exploits

Stay ahead with what to hunt & where to look.

👉 dispatch.thorcollective.com/p/from-the-f...

#THORCollective
#threathunting
From the Fire: Q1FY25
TTPs that sparked, spread, and still burn for those paying attention.
dispatch.thorcollective.com
June 10, 2025 at 4:22 PM
jotunvillur.bsky.social
✨ New THOR Collective post ✨

Introducing Threat Hunting Relevancy Factors (THRF!) These factors can help you create relevant hunts and tangible impact for your organization. Show your business that you mean bzns. 📈

Join us at 👉: dispatch.thorcollective.com/p/threat-hun...

#threathunting
Making Your Hunts Matter: Introducing Threat Hunting Relevancy Factors
Don’t just hunt, hunt with purpose.
dispatch.thorcollective.com
May 27, 2025 at 7:03 PM
Reposted by LP
thorcollective.bsky.social
🐏 Ask a Thrunter AMA + Giveaway!

Join @thorcollective.bsky.social live next THORsday, May 29th @ 7pm PT in Discord. We’ve got a special announcement + we’ll reveal the monthly giveaway winner (all paid Dispatch subscribers automatically entered!).

Submit your questions early👇
May 22, 2025 at 10:23 PM
Reposted by LP
letswastetime.bsky.social
Introverts rewrite detection rules repeatedly, while extroverts demo them mid-draft.
In cybersecurity, you need both.
Today's @thorcollective.bsky.social Dispatch features Alex Hurtado, highlighting how embracing differences strengthens SOC teams.

👉 : dispatch.thorcollective.com/p/quiet-loud...
Quiet, Loud, and in the Logfiles: The Detection Duo You Didn’t Know You Needed
Filed under: Things your agent can’t do but Linda from SecOps does without breaking a sweat.
dispatch.thorcollective.com
May 22, 2025 at 3:21 PM
jotunvillur.bsky.social
Sierra Ferrell, yeehaw! 🤠
May 16, 2025 at 3:48 AM
Reposted by LP
drterdnugget.bsky.social
🚨 New guest drop on @THOR_Collective Dispatch! 🚨

"Exploring Cybersecurity Career Paths and How They Work Together" by Audra Streetman

Whether you're into offense, intel, or cyber defense, there's a path for you!

Read it here: dispatch.thorcollective.com/p/exploring-...
May 15, 2025 at 4:09 PM
Reposted by LP
letswastetime.bsky.social
💡 New guest drop on @thorcollective.bsky.social Dispatch: "Detection-in-Depth" by Day Johnson.

Day covers how to build resilient detection systems that handle real-world challenges, from fine-tuning rules to threat emulation and kill chain coverage.

dispatch.thorcollective.com/p/detection-...
Detection-In-Depth
Eliminating detection blind spots through a multi-layered defense approach
dispatch.thorcollective.com
May 8, 2025 at 3:24 PM
Reposted by LP
letswastetime.bsky.social
🔥 Dispatch Debrief: April 2025 is live 🔥
Explore star sign-inspired hunting techniques, organizing your hunt squad, and the value of finding "nothing."

Discover this month's insights from @thorcollective.bsky.social Dispatch - dispatch.thorcollective.com/p/april-debr...
Dispatch Debrief: April 2025
What We Hunted, Learned, and Loved This Month
dispatch.thorcollective.com
May 1, 2025 at 3:14 PM