techy
@techy.detectionengineering.net
Creator of Detection Engineering Weekly (https://detectionengineering.net), Sec Research/Intel/Detection @ Datadog
Pinned
I made a Detection Engineering starter pack, will be adding more as more folks jump over to bluesky! go.bsky.app/HenXJUR
DEW #130 - God-mode Azure vulnerability, Composite Detections & Detection Observability

In this post:
* 💎 by Dirk-jan Mollema discloses a cross-tenant Azure vulnerability that gives access to any Azure tenant, with detection opportunities to boot!
www.detectionengineering.net/p/dew-130-go...
power overwhelming
www.detectionengineering.net
September 24, 2025 at 12:39 PM
I'm starting a new series on Detection Engineering called the Detection Field Manual. I wanted to publish < 10 minute reads on threat detection topics I've built in the field, at conferences and our interviews for candidates at Datadog.
Here's issue 1!
www.detectionengineering.net/p/detection-...
Detection Engineering Field Manual #1 - What is a Detection Engineer?
Why does Detection Engineering matter to a security org?
www.detectionengineering.net
June 22, 2025 at 6:44 PM
I'm so excited to announce that Datadog Security Research is launching a FREE, fully-online, Detection Engineering focused conference called Datadog Detect!

bit.ly/datadog-detect

Our lineup is incredible with experts in the field of detection, response and threat intelligence.
Datadog Detect: Scale your Security Operations with Detection Engineering | Datadog
May 10, 2025 at 6:14 PM
Found just outside Moscone North for RSA. Now I'm pumped for my talk tomorrow. #hacktheplanet
April 27, 2025 at 9:29 PM
Detection Engineering Weekly issue 108 is live! www.detectionengineering.net/p/det-eng-we...
Det. Eng. Weekly #108 - Can any1 in the IC add me to their Signal group?
Just tryna forward some reels and feelin left out rn
www.detectionengineering.net
April 2, 2025 at 1:03 PM
@sekoia.io FYI your TLS cert is showing invalid due to date expiration for *.sekoia.io
February 9, 2025 at 5:44 PM
Reposted by techy
🍎👿 The key macOS malware families of 2024: This past year saw a sharp rise in sophisticated campaigns targeting macOS users in the enterprise and the increasing adoption of cross-platform development frameworks.
2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise
Learn about the key macOS malware families from 2024, including tactics, IoCs, opportunities for detection, and links to further reading.
s1.ai
January 20, 2025 at 5:11 PM
Reposted by techy
I’m biased, but wow—it’s so refreshing to get updates that genuinely help me better track threat actors. 🔥

www.validin.com/blog/threat_...
Tracking Threat Actors with Validin | Validin
Quickly identify threat actors and discover malicious infrastructure using Validin by viewing detailed descriptions on thousands of threat actors that Validin has cataloged
www.validin.com
January 9, 2025 at 4:34 PM
Reposted by techy
Did a security researcher at Snyk really just publish malicious packages to NPM targeting Cursor.com?
January 8, 2025 at 9:48 AM
Reposted by techy
🎉 link and docs and details: nims-template.notion.site
Notion Incident Management System (NIMS) | Notion
Use the Template
nims-template.notion.site
January 7, 2025 at 12:49 AM
Reposted by techy
🚀 Excited to announce the alpha release of NIMS - a Notion-based Incident Management System!

Designed for SOC/IR teams, NIMS helps streamline incident management and collaboration using Notion's powerful database features.

#InfoSec #DFIR #IncidentResponse #SecOps #Notion
January 7, 2025 at 12:42 AM
Reposted by techy
"North Korea-nexus Golang Backdoor/Stealer from Contagious Interview campaign" published by dmpdump. #ContagiousInterview, #DPRK, #CTI https://dmpdump.github.io/posts/NorthKorea_Backdoor_Stealer/
January 6, 2025 at 11:30 AM
Reposted by techy
IF IT AINT EXECUTTABLE IT AINT FOR ME - dashare.zone ADMIN
December 18, 2024 at 9:38 PM
The cybersecurity subreddit has a thread on influencers and “who to avoid because of xyz”. These threads irk me because there’s no clear measurement and lots of gate keeping around who is allowed to post stuff and who isn’t. www.reddit.com/r/cybersecur...
December 29, 2024 at 2:06 PM
I’ve been pretty sick for the last 2 weeks, but Christmas holiday has been a much needed break for rest and recovery.

Take care of yourselves people; I think stress contributed a ton to this, and being mindful and in the present has helped me out a lot.

And lots of Christmas food.
December 26, 2024 at 4:41 PM
telling chatgpt my editor in a very blunt and snarky way, as all vim users do
December 22, 2024 at 6:07 PM
Today is not a good day. Our dog needed a vet visit because he was weak and not eating. Turns out he had blood and fluid throughout his abdomen due to cancer. He was an amazing friend and family member, and tomorrow’s issue will be somber but commemorative with lots of pupper pics. Hug your dogs!
December 17, 2024 at 8:57 PM
Reposted by techy
You've got to be a total wanker to name a law after yourself, and guess what!
www.chrisfarris.com/post/three-l...
Farris's Three Laws of Auto Remediation - Chris Farris
In this post, I present three laws of Cloud Security Robotics with homage to a SciFi great.
www.chrisfarris.com
December 17, 2024 at 12:09 AM
Reposted by techy
love these looks from Proper Cloth's new lookbook titled "New Ivy." even the grey shetland knit with black jeans and small dress watch looks great.
December 15, 2024 at 3:49 AM
Reposted by techy
DeFi platform Radiant Capital says North Korean hackers were behind the theft of over $50 million worth of assets from its servers in October this year.

Radiant says it was hacked after an employee opened a malicious file received from a former contractor via Telegram: medium.com/@RadiantCapi...
Radiant Capital Incident Update
2024–12–06
medium.com
December 10, 2024 at 11:38 AM
Reposted by techy
zizmor would have caught the Ultralytics workflow vulnerability https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection #security #oss
December 6, 2024 at 5:40 PM