Matt Muller
matt.buildingsecops.com
Cybersecurity tinkerer by day, wine and cheese tinkerer by night. Security @ Tines | ex-Coinbase Security, Material Security
Pinned
My hot take of the day: we’re not gonna resolve SOC burnout any time soon unless we fix these three underlying issues in how we run SOC teams. buildingsecops.com/posts/three-...
Three SOC Paradoxes To Fix in 2025
Reflections and takeaways from the 2025 SANS SOC Survey.
buildingsecops.com
Reposted by Matt Muller
After yesterday’s surrender, we’re launching the largest Democratic primary program that we’ve ever run.

We will not back any Senate primary candidate unless they call for Schumer to step down as Minority Leader.

If you’re as pissed as we are, join this campaign to rebuild the Democratic Party. 👇
Democratic leaders have failed us again. It's time to get new leaders.
After yet another capitulation by Chuck Schumer and Senate Democrats, it's clear we need new leadership capable of mounting a serious opposition to Trump's authoritarian regime. We're launching our la...
www.indivisible2026.org
November 11, 2025 at 12:00 AM
Reposted by Matt Muller
When you book a flight through major travel sites, a data broker owned by U.S. airlines will sell details about your flight—your name, credit card used, and where you’re flying to the government.

We found out how to opt-out of ARC selling your travel data. A guide:
www.404media.co/how-to-opt-o...
How to Opt-Out of Airlines Selling Your Travel Data to the Government
The Airlines Reporting Corporation (ARC), owned by major U.S. airlines, collects billions of ticketing records and sells them to the government to be searched without a warrant. I managed to opt-out…
www.404media.co
November 4, 2025 at 2:48 PM
Reposted by Matt Muller
“I’m a law-abiding citizen who never thought I’d be of such interest that the U.S. government would use my tax dollars & yours to try to send me to prison…[after being] manhandled by an Immigration and Customs Enforcement agent trying to remove my phone from my hand.”

www.msnbc.com/opinion/msnb...
Opinion | A jury of my peers agreed that the feds wrongly charged me for watching ICE
I believe that filming what federal agents were doing that day counted as basic human decency.
www.msnbc.com
November 2, 2025 at 4:45 PM
Reposted by Matt Muller
So this story is super duper interesting for a whole ton of reasons, but one big one is it's a very rare glimpse into the private valuation of high-end exploits held by major defense contractors

bsky.app/profile/lega...
Peter Williams, a former executive with US defense contractor L3Harris, has pleaded guilty to selling digital spy tools to a Russian broker, the Justice Department announced. Williams pleaded to two counts of theft of trade secrets reut.rs/49o7Q0I
October 29, 2025 at 11:45 PM
Reposted by Matt Muller
NEW: cost to 'poison' an LLM and insert backdoors is relatively constant. Even as models grow.

Implication: security doesn't scale with LLMs.

Super interesting: Prior work had suggested that as model sizes grew, it would make them cost-prohibitive to poison. 1/
arxiv.org/pdf/2510.07192
October 9, 2025 at 4:56 PM
Veep wasn’t supposed to be a documentary
October 9, 2025 at 4:57 PM
Reposted by Matt Muller
🎶Thicker than
A deep dish pie
Joints are sore
Blood pressure high
Pudding, flan
And crème brûlée
None are safe
From the Green Beignets🎶
October 8, 2025 at 12:45 PM
Reposted by Matt Muller
Sickening behavior by this agent. The fact that Mayor Adams has rolled out the red carpet for ICE is a stain on our city.
I was back at 26 Federal Plaza today, where an ICE agent violently threw this bereft woman to the ground in front of her kids. She had not touched him. She did not pose any threat. She had to be taken to the hospital. (🎥: Elias Eliahu)
September 25, 2025 at 7:15 PM
Reposted by Matt Muller
1/ Hi, I'm TProphet. I write the Telecom Informer for @2600.com. A lot of people have been asking me about www.nbcnews.com/politics/nat... given that I'm somewhat knowledgeable in the area.

Here's my take: I'm kind of astonished that this is public, and it isn't normal that it would ever be.
Secret Service agents dismantle network that could shut down New York cellphone system
Agents discovered electronic devices in five locations in and around the city that could be used to disable cellphone towers. The system could also be used for criminal activities.
www.nbcnews.com
September 23, 2025 at 6:49 PM
Reposted by Matt Muller
Be sure you take a moment today to remember Charlie Kirk for exactly who he was.
Charlie Kirk Sept 27 2024: "Just so we're clear, the Haitians that are in Huntsville that are raping your women and hunting you down at night - it's only gonna get worse - unless Donald Trump wins
There will be hundreds of thousands of Haitians brought into Alabama and they will become your masters"
September 21, 2025 at 3:06 PM
Nothing infuriates me more than cybercriminals that target small businesses, so it's time to spend a Saturday burning down the infrastructure of the ones who targeted a contractor I've worked with.
September 20, 2025 at 2:00 PM
Reposted by Matt Muller
It's bullshit that I agree with David Frum. Things shouldn't have sunk so low that we've reached our level of agreement! We should be in the realm where we disagree on every issue in the news!
David Frum on Jimmy Kimmel: "This is not cancel culture because it's not culture. It's state repression. It's an order from the government. Here is the script, you must read, if you do not read it, you will be taken off the air."
September 18, 2025 at 1:42 AM
Reposted by Matt Muller
I watched Kimmel's three most recent monologues, convinced I had missed the thing MAGA was outraged about. But it looks like this is it.

It has to be more than this, right? There's just no way this is it.
1. Just so we’re clear, this is the clip that got Jimmy Kimmel’s show shelved by ABC.

If I’m missing any other clips please let me know.
September 18, 2025 at 4:38 AM
Reposted by Matt Muller
Not really an overstatement to say that the test of a free society is whether or not comedians can make fun of the country's leader on TV without repercussions.
July 18, 2025 at 3:39 PM
I am genuinely curious what other type of content AWS thinks I’d be submitting through their “Report Phishing” form…?
September 16, 2025 at 1:58 AM
Reposted by Matt Muller
It is a bit wild to me that Snowflake got dragged through the mud because threat actors abused a bunch of one-off credentials in stealer logs, but somehow Salesforce has escaped scrutiny when all the impacted customers came from a single integration.
September 11, 2025 at 11:51 PM
Reposted by Matt Muller
An incredible firsthand glimpse into threat actor operations from Huntress:
An Attacker’s Blunder Gave Us a Look Into Their Operations | Huntress
An attacker installed Huntress onto their operating machine, giving us a detailed look at how they’re using AI to build workflows, searching for tools like Evilginx, and researching targets like software development companies.
www.huntress.com
September 9, 2025 at 6:04 PM
This talk was excellent - super practical advice and a refreshing antidote to all the “AI will fix everything” nonsense out there.
The slides from my @blueteamcon.com keynote this morning are posted here. It's unfortunately not recorded, but if this is the sort of thing your org would benefit from privately, reach out and we'll talk.
github.com/malwarejake-...
github.com
September 7, 2025 at 3:54 PM
Let the @blueteamcon.com festivities commence! Looking forward to a great day of talks.
September 6, 2025 at 1:23 PM
Sorry guys, Taylor Swift’s own instagram post is wrong, Google’s multi billion dollar AI says so.
August 26, 2025 at 5:32 PM
Reposted by Matt Muller
“I’ve never heard of the kind of pervasive bribery that this incident showed us, with the long-term focus and the amounts involved,” Philip Martin, CSO of Coinbase, tells CSO. “It was, to me, an evolution in attacker behavior.”

www.csoonline.com/article/4042...
Behind the Coinbase breach: Bribery emerges as enterprise threat
Coinbase’s breach shows how bribery schemes — long used for SIM swaps — can be a potent enterprise attack vector. Experts urge security leaders to add bribery training and red-teaming to their cyber d...
www.csoonline.com
August 26, 2025 at 12:59 PM
Reposted by Matt Muller
WHOA: megapublisher Axel Springer asks German court to ban an ad-blocker.

They claim HTML/CSS code of websites are protected computer programs.

And influencing how they are displayed (e.g. by removing ads) violates copyright.

Endless security, privacy and technical downside & absurdity 1/
August 20, 2025 at 7:31 PM
Examples like this are why it’s particularly infuriating that I can’t fully disable all AI features in Google Workspace. Different threat models deserve more granular controls. www.wired.com/story/google...
Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home
For likely the first time ever, security researchers have shown how AI can be hacked to create real world havoc, allowing them to turn off lights, open smart shutters, and more.
www.wired.com
August 8, 2025 at 4:59 PM