Kevin Beaumont
@doublepulsar.com
cybersecurity weather man. scanning the horizons for cloudy cyber. Expert at nothing except computer rubbish. Anti-ransomware since 2015.
Gonna get down on the NFTs in the blockchain on the metaverse
November 11, 2025 at 1:18 AM
these guys have $70m in VC investment and can't afford a graphic designer for a day
November 10, 2025 at 4:17 PM
Can we all agree this Safe Security marketing is also embarrassing AF?
November 10, 2025 at 4:07 PM
This is spot on. Quantum’s gonna be the next cyber grift (again), after the bottom falls out of GenAI. www.linkedin.com/posts/nathan...
November 10, 2025 at 1:06 PM
LinkedIn, pass the bong.
November 7, 2025 at 4:40 PM
LinkedIn has predictably gone full cyberslop.
November 7, 2025 at 10:32 AM
About 70% of orgs still haven't patched those Cisco ASA vulns btw. If I was a ransomware group I'd invest in n-day (old) Cisco ASA AnyConnect vulns, as vast majority of orgs don't bother patching as they're too busy having a mass wank about quantum and AI risks.
cyberplace.social/@GossiTheDog...
November 6, 2025 at 11:35 PM
If anybody is wondering, that CBO.gov Cisco ASA box is offline now, if you try browsing to it via IP. It is on @shodanhq.bsky.social timeline mode.
November 6, 2025 at 11:31 PM
the data is public if anybody wants it, I haven't updated for a month github.com/GossiTheDog/...
November 6, 2025 at 11:11 PM
Also aside from the research, the entire website is things like this.
November 6, 2025 at 8:53 PM
You know that crap MIT Safe Security Generative AI ransomware paper, which they deleted? Try asking any AI to analyse it. Here’s ChatGPT:
November 6, 2025 at 8:51 PM
Microsoft journey 2022-2027
November 6, 2025 at 10:07 AM
Here’s @malwaretech.com take. I encourage more people to look at the samples because, lol.
November 5, 2025 at 8:55 PM
PromptLock, AI ransomware sample, is not a real ransomware sample. It was actually an academic study, it doesn't work, ESET got called out a few months ago by me for saying it was the first AI ransomware. It's also widely detected out of box. Google mention it's a PoC, but don't give detail.
November 5, 2025 at 4:05 PM
FruitShell is also crap and has widespread detection.
November 5, 2025 at 4:02 PM
Just to be clear, PromptSteal presents 0 real world threat. Existing detects catch it. Even static YARA rules from months ago catch it.
November 5, 2025 at 4:00 PM
PromptSteal is similarly crap. It isn't even covert - it's got a user interface for the user, and even asks users to do things. It's not new, it's been around for 5 months, and every major vendor has detected it for the duration.
November 5, 2025 at 3:59 PM
Google do a really good job of stating outright PromptFlux is not a threat, by the way, but everybody will ignore that. They aren't doing the cyberslop thing with that one.
November 5, 2025 at 3:57 PM
PromptFlux even has good static AV detection, and this applies going back in time too. It's actually almost 6 months old, titled "crypted_pw-free-online" and some crap from a forum, and has caused 0 damage.
November 5, 2025 at 3:55 PM
With PromptFlux - it doesn't actually work. Which is a big one. It's also already widely detected across all major vendors, out of the box (I've just been looking at historic telemetry). It's just testing.
November 5, 2025 at 3:53 PM
Even Google Gemini is not having it
November 4, 2025 at 1:17 PM
Average company PR department rewriting this if it was cyber incident
Louvre heist carried out by sophisticated nation state attackers. We take your security very seriously and are installing advanced locks. There is no evidence anything was taken at this time.
November 3, 2025 at 10:37 PM
This isn't inviting academic feedback, IMHO.
November 3, 2025 at 4:25 PM
This is complete nonsense. This is their own website, where I got the PDF from. They never presented it as they just described. archive.ph/SckSr
November 3, 2025 at 2:52 PM