JM
@mrjm.bsky.social
Dad, husband & Security dinosaur: lots of SecEng ⚙️, Redteam ☠️ DFIR ⛑️. Passion for National Security 🇺🇸🇨🇦🇫🇷, Coding 💻 & Space 🚀
https://linkedin.com/in/jmamblat
Reposted by JM
Look what's happening at the French Embassy in Washington DC.
March 4, 2025 at 9:05 PM
Reposted by JM
'Did you even say thank you?'
March 1, 2025 at 9:01 PM
Reposted by JM
SecDef has ordered a pause on offensive cyber and info operations while the US & Moscow are in talks, though planning for operations continues, according to sources. While such a pause is not unusual, the move comes as Trump accommodates Putin in his designs on Ukraine.
wapo.st/4kjGtrI
As Trump warms to Putin, U.S. halts offensive cyber operations against Moscow
Defense Secretary Pete Hegseth has ordered U.S. Cyber Command to pause cyber and information operations against Russia as Trump seeks to bring Putin to the negotiating table to end war in Ukraine.
wapo.st
March 2, 2025 at 1:18 AM
Reposted by JM
We are experiencing an assault on science unparalleled by anything I’ve seen in my life. It’s not one issue or another anymore, the entire institution is under attack by the most powerful individuals in the country.

This Friday, where will you be?

standupforscience2025.org
March 2, 2025 at 4:27 PM
Reposted by JM
Why this matters:
1. While NSA doesn't have to stand down, many service members working *at* NSA work for their individual services, addressing their intelligence priorities. The national mission broadly benefits from this. These members likely must stand down. 1/
therecord.media/hegseth-orde...
Exclusive: Hegseth orders Cyber Command to stand down on Russia planning
The secretary of Defense has ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, sources tell Recorded Future News.
therecord.media
February 28, 2025 at 8:35 PM
This is a really cool post if interested in Redteam and bypassing AVs. en.r-tec.net/r-tec-blog-b...
r-tec Blog | Bypass AMSI in 2025
This blog post will shed some light on what's behind AMSI (roughly, but hopefully easy to understand) and how you can still effectively bypass it - more than four years later.
en.r-tec.net
March 3, 2025 at 12:01 AM
Reposted by JM
New password generation algorithm just dropped, get cracking.
December 18, 2024 at 1:02 PM
“Russian government spies targeted Ukraine using tools developed by cybercriminals” #nationalsecurity #intel #infosec

techcrunch.com/2024/12/11/r...
Russian government spies targeted Ukraine using tools developed by cybercriminals | TechCrunch
Researchers say a hacking group linked to the FSB used tools developed by a cybercrime group to target Ukraine's Army and Border Guard.
techcrunch.com
December 13, 2024 at 11:45 AM
Reposted by JM
Told Assad I am not mad and to prove it I've given him apartment with large windows & scenic views.
December 9, 2024 at 7:24 AM
Reposted by JM
Would you like to work with great folks to secure something important? LinkedIn security is hiring -- with more roles coming, including a Sr. Director for Risk and Compliance. I'd love to work with you!

No jerks, please.
All I want for Christmas is to work with YOU - seriously.

We need your help to ensure the security of over 1 billion members. LinkedIn InfoSec has lots of open roles, with even more to come in 2025.
December 9, 2024 at 7:54 PM
(Should not be a surprise :) “US alleges China hacked calls of 'very senior' political figures, official says” #nationalsecurity #cybersecurity
www.reuters.com/world/us-all...
US alleges China hacked calls of 'very senior' political figures, official says
The U.S. believes that an alleged sweeping Chinese cyber espionage campaign known as Salt Typhoon targeted and recorded telephone calls of "very senior" American political figures, a White House official said on Saturday.
www.reuters.com
December 9, 2024 at 11:48 PM
Reposted by JM
Breaking: The House Permanent Select Committee on Intelligence has released an unclassified report into the IC and its work on Havana Syndrome, or Anomalous Health Incidents. From the first lines of the executive summary: "It appears increasingly likely…that a foreign adversary is behind some AHIs."
December 5, 2024 at 7:50 PM
Reposted by JM
A Russian APT hacked the infrastructure and tools of other APTs and cybercriminal groups to conduct cyber espionage attacks in South East Asia. Great @microsoftsecurity.bsky.social report. #infosec www.microsoft.com/en-us/securi...
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security Blog
Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and Indi...
www.microsoft.com
December 4, 2024 at 10:21 PM
Reposted by JM
The irony, it burns.

Yes, there are tradeoffs to end to end encryption, but it's wild for the FBI to start agreeing with basically the entire security community that it's an often-necessary security message.

www.nbcnews.com/tech/securit...
U.S. officials urge Americans to use encrypted apps amid cyberattack that exposed live phone calls
Officials from the FBI and CISA said it was impossible to predict when the telecommunications companies would be fully safe from interlopers.
www.nbcnews.com
December 3, 2024 at 11:02 PM
#CobaltStrike's Process Inject Kit from C to C++ BOF templates, courtesy Rasta Mouse #redteam #infosec #cybersecurity

github.com/rasta-mouse/...
GitHub - rasta-mouse/process-inject-kit: Port of Cobalt Strike's Process Inject Kit
Port of Cobalt Strike's Process Inject Kit. Contribute to rasta-mouse/process-inject-kit development by creating an account on GitHub.
github.com
December 1, 2024 at 3:46 PM
Reposted by JM
Secure PDF Viewer app version 20 released:

github.com/GrapheneOS/P...

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

#GrapheneOS #privacy #security #pdf #android
Release 20 · GrapheneOS/PdfViewer
Notable changes in version 20: improve app compatibility by trying to load data with no MIME type passed improve zoom gesture by scrolling during zooming to keep focus in the same place instead of...
github.com
November 28, 2024 at 7:53 PM
Reposted by JM
If you missed my blackhat talk on the security of LLM applications, it's up on youtube now:

m.youtube.com/watch?v=Rhpq...
Practical LLM Security: Takeaways From a Year in the Trenches
YouTube video by Black Hat
m.youtube.com
November 28, 2024 at 12:25 PM
Reposted by JM
“The UK government recently supplied Ukraine with dozens more Storm Shadow cruise missiles, according to people familiar with the matter, a first under Prime Minister Keir Starmer” www.bloomberg.com/news/article...
UK Sends Kyiv More Storm Shadows as Starmer Pledges Support
The UK government recently supplied Ukraine with dozens more Storm Shadow cruise missiles, according to people familiar with the matter, a first under Prime Minister Keir Starmer, who has pledged cont...
www.bloomberg.com
November 26, 2024 at 11:15 AM
Reposted by JM
New tech brings new vulnerabilities. Introducing CWE-1427: Improper Neutralization of Input Used for LLM Prompting,
Externally-provided data used to build prompts provided to LLMs, but the way they are constructed causes the LLM to fail to distinguish between user-supplied inputs and system directives.
November 20, 2024 at 6:44 PM