Katie Nickels
@likethecoins.bsky.social
Reposted by Katie Nickels
CYBERWARCON is coming!!! Registration and CFP are now open for this year's #CYBERWARCON! This year's keynote speaker will be @dmitri.silverado.org!!
We are back in Arlington, VA this year on November 19th.
www.cyberwarcon.com
We are back in Arlington, VA this year on November 19th.
www.cyberwarcon.com
CYBERWARCON
www.cyberwarcon.com
August 28, 2025 at 5:35 PM
CYBERWARCON is coming!!! Registration and CFP are now open for this year's #CYBERWARCON! This year's keynote speaker will be @dmitri.silverado.org!!
We are back in Arlington, VA this year on November 19th.
www.cyberwarcon.com
We are back in Arlington, VA this year on November 19th.
www.cyberwarcon.com
TIL about ASPs (App-Specific Passwords) thanks to Rebekah and her Citizen Lab colleagues...check it out! citizenlab.ca/2025/06/russ...
June 19, 2025 at 2:41 PM
TIL about ASPs (App-Specific Passwords) thanks to Rebekah and her Citizen Lab colleagues...check it out! citizenlab.ca/2025/06/russ...
Excited to be here at @sleuthcon.bsky.social! I've taken a step back from social media, so it will be nice to say hi to some of you in person. 😀 Looking forward to a great day, kicking off with Paul Melson.
June 6, 2025 at 1:09 PM
Excited to be here at @sleuthcon.bsky.social! I've taken a step back from social media, so it will be nice to say hi to some of you in person. 😀 Looking forward to a great day, kicking off with Paul Melson.
As you're planning your week, be sure to sign up for our Red Canary webinar on initial access to hear about common adversary techniques and what to do about them. redcanary.com/resources/we... Don't miss it!
[Webinar] The Detection Series: Initial Access
We explore the Initial Access MITRE ATT&CK® tactic, with a focus on emergent, novel, and prevalent adversary techniques and capabilities.
redcanary.com
May 27, 2025 at 1:17 PM
As you're planning your week, be sure to sign up for our Red Canary webinar on initial access to hear about common adversary techniques and what to do about them. redcanary.com/resources/we... Don't miss it!
Reposted by Katie Nickels
💰🐍THE SLEUTHCON 2025 LINEUP IS NOW LIVE🐍💰
From cybercrime units and big-box threat teams to red teamers and deception engineers—this year’s speaker lineup spans the full spectrum of financially motivated threat hunting, intel analysis, and response.
www.sleuthcon.com/2025lineup
From cybercrime units and big-box threat teams to red teamers and deception engineers—this year’s speaker lineup spans the full spectrum of financially motivated threat hunting, intel analysis, and response.
www.sleuthcon.com/2025lineup
April 25, 2025 at 4:25 PM
💰🐍THE SLEUTHCON 2025 LINEUP IS NOW LIVE🐍💰
From cybercrime units and big-box threat teams to red teamers and deception engineers—this year’s speaker lineup spans the full spectrum of financially motivated threat hunting, intel analysis, and response.
www.sleuthcon.com/2025lineup
From cybercrime units and big-box threat teams to red teamers and deception engineers—this year’s speaker lineup spans the full spectrum of financially motivated threat hunting, intel analysis, and response.
www.sleuthcon.com/2025lineup
Reposted by Katie Nickels
New keynote drop: Paul Melson is taking the SLEUTHCON stage to dissect the rise of crime[ware]—how it started, how it scaled, and how we shut it down.
23+ yrs defending networks. ScumBots founder. Now VP @ Capital One.
🎤 June 6
📍IRL + virtual
🎟️ Tix moving fast - sleuthcon.com
🗓️ CFP closes April 18
23+ yrs defending networks. ScumBots founder. Now VP @ Capital One.
🎤 June 6
📍IRL + virtual
🎟️ Tix moving fast - sleuthcon.com
🗓️ CFP closes April 18
April 14, 2025 at 6:02 PM
New keynote drop: Paul Melson is taking the SLEUTHCON stage to dissect the rise of crime[ware]—how it started, how it scaled, and how we shut it down.
23+ yrs defending networks. ScumBots founder. Now VP @ Capital One.
🎤 June 6
📍IRL + virtual
🎟️ Tix moving fast - sleuthcon.com
🗓️ CFP closes April 18
23+ yrs defending networks. ScumBots founder. Now VP @ Capital One.
🎤 June 6
📍IRL + virtual
🎟️ Tix moving fast - sleuthcon.com
🗓️ CFP closes April 18
Reposted by Katie Nickels
Today we're launching a new system where the public can help us develop the next ATT&CK release through Macrotechnique Refinement. To start refining FUZZYSNUGGLYDUCK, click here: attack.mitre.org/macro-techni.... Fabulous prizes await success.
April 1, 2025 at 12:44 PM
Today we're launching a new system where the public can help us develop the next ATT&CK release through Macrotechnique Refinement. To start refining FUZZYSNUGGLYDUCK, click here: attack.mitre.org/macro-techni.... Fabulous prizes await success.
Reposted by Katie Nickels
Japan CERT researchers look at the multitude of North Korean APT groups and the problem of classifying most of their activity as Lazarus
blogs.jpcert.or.jp/en/2025/03/c...
blogs.jpcert.or.jp/en/2025/03/c...
March 30, 2025 at 2:39 PM
Japan CERT researchers look at the multitude of North Korean APT groups and the problem of classifying most of their activity as Lazarus
blogs.jpcert.or.jp/en/2025/03/c...
blogs.jpcert.or.jp/en/2025/03/c...
Don't miss my teammates as they present the 2025 Red Canary Threat Detection Report tomorrow afternoon! This report is overwhelming with goodness, and they'll help you navigate it. 😀 redcanary.com/resources/we...
[Webinar] Inside the 2025 Threat Detection Report
Join the 2025 Red Canary Threat Detection Report’s authors as they explore the most important findings of the year. Don't miss this event!
redcanary.com
March 25, 2025 at 5:21 PM
Don't miss my teammates as they present the 2025 Red Canary Threat Detection Report tomorrow afternoon! This report is overwhelming with goodness, and they'll help you navigate it. 😀 redcanary.com/resources/we...
Reposted by Katie Nickels
💼 Join us on Wednesday! Our thorough review includes assessment of formatting, content clarity and alignment with industry standards!
www.blacksincyberconf.com/online-commu...
#BlacksInCyber #BlacksInCybersecurity #LitLikeBIC #CareerServices
www.blacksincyberconf.com/online-commu...
#BlacksInCyber #BlacksInCybersecurity #LitLikeBIC #CareerServices
March 23, 2025 at 3:13 PM
💼 Join us on Wednesday! Our thorough review includes assessment of formatting, content clarity and alignment with industry standards!
www.blacksincyberconf.com/online-commu...
#BlacksInCyber #BlacksInCybersecurity #LitLikeBIC #CareerServices
www.blacksincyberconf.com/online-commu...
#BlacksInCyber #BlacksInCybersecurity #LitLikeBIC #CareerServices
Interview tip: always, always come prepared with thoughtful questions to ask your interviewers. These questions are often a key factor in me recommending for or against a hire - they tell me a lot about someone's preparedness for the interview and genuine interest in the role.
March 21, 2025 at 9:28 PM
Interview tip: always, always come prepared with thoughtful questions to ask your interviewers. These questions are often a key factor in me recommending for or against a hire - they tell me a lot about someone's preparedness for the interview and genuine interest in the role.
Happy Valentine's Day everyone! Thank you for this @selenalarson.bsky.social ❤️
February 14, 2025 at 6:11 PM
Happy Valentine's Day everyone! Thank you for this @selenalarson.bsky.social ❤️
Reposted by Katie Nickels
🚨 EclecticIQ analysts uncovered a Sandworm #cyber espionage campaign targeting Ukrainian Windows users. Attackers used trojanized #Microsoft KMS activation tools to deploy the BACKORDER loader and Dark Crystal RAT, enabling data theft and espionage. blog.eclecticiq.com/sandworm-apt...
February 11, 2025 at 3:30 PM
🚨 EclecticIQ analysts uncovered a Sandworm #cyber espionage campaign targeting Ukrainian Windows users. Attackers used trojanized #Microsoft KMS activation tools to deploy the BACKORDER loader and Dark Crystal RAT, enabling data theft and espionage. blog.eclecticiq.com/sandworm-apt...
Reposted by Katie Nickels
📆 It's crime time!
#SLEUTHCON is coming to Arlington, VA on Friday, June 6th, 2025! 🎉
Stay tuned for more information.
#SLEUTHCON is coming to Arlington, VA on Friday, June 6th, 2025! 🎉
Stay tuned for more information.
February 3, 2025 at 6:00 PM
📆 It's crime time!
#SLEUTHCON is coming to Arlington, VA on Friday, June 6th, 2025! 🎉
Stay tuned for more information.
#SLEUTHCON is coming to Arlington, VA on Friday, June 6th, 2025! 🎉
Stay tuned for more information.
Do you have teammates you go to when you need a grounded perspective on some new security topic? Keith McCammon and Dave Farrow are two of these people for me. Now you can benefit from their wisdom as well! Join them starting next Tuesday for Red Canary Office Hours. redcanary.com/resources/we...
Red Canary Office Hours: Weekly trends in security operations
Got a burning question? Bring it. Want to stay ahead of attackers? Listen in. This is your open forum for all things security operations.
redcanary.com
January 29, 2025 at 6:25 PM
Do you have teammates you go to when you need a grounded perspective on some new security topic? Keith McCammon and Dave Farrow are two of these people for me. Now you can benefit from their wisdom as well! Join them starting next Tuesday for Red Canary Office Hours. redcanary.com/resources/we...
What's the story you're telling yourself about why you can't separate from work? When can you say I'm NOT available? Such good advice from Dr. Daniel Shore. #CTISummit
January 28, 2025 at 2:43 PM
What's the story you're telling yourself about why you can't separate from work? When can you say I'm NOT available? Such good advice from Dr. Daniel Shore. #CTISummit
We're kicking off Day 2 of the #CTISummit with a keynote by Dr. Daniel Shore on mental health and burnout - an issue we all need to pay attention to. He's kicking off with an example from his own life around summer camp.
January 28, 2025 at 2:22 PM
We're kicking off Day 2 of the #CTISummit with a keynote by Dr. Daniel Shore on mental health and burnout - an issue we all need to pay attention to. He's kicking off with an example from his own life around summer camp.
This is a fantastic visual from Tom and Lior that shows how complicated it is to cluster intrusions #CTISummit
January 27, 2025 at 7:13 PM
This is a fantastic visual from Tom and Lior that shows how complicated it is to cluster intrusions #CTISummit
Quishing is coming when, @attack.mitre.org? 😀 #CTISummit
January 27, 2025 at 4:06 PM
Quishing is coming when, @attack.mitre.org? 😀 #CTISummit
Interesting example from Arda of cyber criminals changing their branding after public exposure by Mandiant. #CTISummit
January 27, 2025 at 4:04 PM
Interesting example from Arda of cyber criminals changing their branding after public exposure by Mandiant. #CTISummit
I'm excited to be here to kick off the 13th SANS #CTISummit with a keynote by Dr. Jeannie Johnson on anticipatory intelligence!
January 27, 2025 at 2:22 PM
I'm excited to be here to kick off the 13th SANS #CTISummit with a keynote by Dr. Jeannie Johnson on anticipatory intelligence!
We're just two weeks away from the SANS CTI Summit, one of my favorite conferences of the year! I've seen several presentation drafts, and they are 🔥. Register today to join Live Online (free!) or in-person in Alexandria, VA!
➡️ Register: sans.org/u/1xCe
➡️ Register: sans.org/u/1xCe
January 13, 2025 at 7:00 PM
We're just two weeks away from the SANS CTI Summit, one of my favorite conferences of the year! I've seen several presentation drafts, and they are 🔥. Register today to join Live Online (free!) or in-person in Alexandria, VA!
➡️ Register: sans.org/u/1xCe
➡️ Register: sans.org/u/1xCe
Hi #shmoocon! I'm here all afternoon, if you see me, please say hi! It's bittersweet to be here for the last one, this was my very first hacker con. ❤️
January 11, 2025 at 5:31 PM
Hi #shmoocon! I'm here all afternoon, if you see me, please say hi! It's bittersweet to be here for the last one, this was my very first hacker con. ❤️
Reposted by Katie Nickels
🔥 new blog detailing 0day exploitation of Ivanti appliances as well as some newly observed malware families tracked as PHASEJAM and DRYHOOK. We also detail activity related to the previously observed SPAWN* malware ecosystem tied to China-nexus cluster UNC5337.
cloud.google.com/blog/topics/...
cloud.google.com/blog/topics/...
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation | Google Cloud Blog
Zero-day exploitation of Ivanti Connect Secure VPN vulnerabilities since as far back as December 2024.
cloud.google.com
January 9, 2025 at 12:42 AM
🔥 new blog detailing 0day exploitation of Ivanti appliances as well as some newly observed malware families tracked as PHASEJAM and DRYHOOK. We also detail activity related to the previously observed SPAWN* malware ecosystem tied to China-nexus cluster UNC5337.
cloud.google.com/blog/topics/...
cloud.google.com/blog/topics/...