Yesterday folks got a phishing email for a fake DMCA report-- myself included. Caught me at a good time so I could record poking at the scam and the malware it leads to: ultimately infostealer malware (the usual) from a fake domain & clearly AI slop site: piped.video/IzKjL16-sgY
Black Friday Comes Early 🦃 Code "BlackFriday25" active NOW for 25% off ALL courses on Just Hacking Training including Constructing Defense 2025! Excludes already discounted Bundles. Expires Nov 30 at Midnight ET.
There's an open role for a Staff CTI Analyst on my team here @HuntressLabs 📢💫
✨Do you love doing correlations between different incidents, sometimes digging into them, or doing malware analysis?
✨Do you like doing data analysis, and using this to make threat reports? 👇
Doing a bit of hunting on @ValidinLLC, let's see where I can get!
Looks like the IP address of the site a few days ago was 101.99.92[.]246. There are a number of other domains associated with this IP, as well:
The 2025 SANS #HolidayHack Challenge launched about an hour ago! Come have some fun building cybersecurity skills in this free @SANSInstitute gift to the community. sans.org/holidayhack
New micro-challenges, new gamified world, new music, new game dynamics! Check it out!
I had some time to work on the RE Rust Tickler challenges from @HuntressLabs' recent CTF.
Specifically, I wanted to focus on @vector35 Binary Ninja's TTD implementation.
Over the weekend I made some quick write-ups on how I approached these easier challenges.
github.com/Rurik/CTF/tree/ma…
And a HUGE thank you to @runpanther for sponsoring this video! Take control of your security operations with Panther -- you can ditch legacy SIEMs and embrace an AI-driven, autonomous and engineer-first SOC platform and solution: jh.live/panther
Off the tails of a recent NightShade C2 writeup, experimenting with building a "UAC prompt bomb" (... best YouTube video title I could ask for 😅(plz dont ban me)) repeatedly asking for admin privileges -- short & sweet in just a line of PowerShell! Video: piped.video/JpWbytYrL2s
This looks like a super cool competition -- ginormous prize pool for one thing, and it's legitimate AI security, not just the cute stuff. And another staggered rollout style! Looks like it starts at the beginning of November with new content each week. Another to add to the list!
Gray Swan AI Arena, sponsored by @hackthebox_eu, presents the Machine-in-the-Middle Challenge, a $100K competition exploring how humans & AI perform together in real offensive security scenarios.
Kinda wild we're in the last few days of the month and Huntress CTF is wrapping up soon 🤯
~11,672 players (new record)
~6,720 teams (new record)
Lots of challenges released throughout the month (including my personal favorite of the ones I created, "My Hawaii Vacation"😝), check back in if you haven't for some more malware, forensics, OSINT, reverse engineering, etc.
The feedback form is available now for folks who have been playing along with our month-long game. Player certificates will be available at the start of November. We will leave the infrastructure up for a week or so for folks to still have access for writeups or tasks they want to revisit.
If you haven't taken a look back at the CTF for a bit, jump in before the end of the game! :) ctf.huntress.com
hey hi hello
we've been seeing summa dat WSUS sussy baka CVE-2025-59287 remote code execution exploitation
windows servers with WSUS ports 8530 & 8531 exposed ( -- why?) getting point-and-shoot popped from a POC already public
huntress.com/blog/exploitati…
prolly limited ITW exploitation because those ports shouldn't be exposed but 4 incidents so far from last night
patch your potatoes, IOCs and Sigma rule in da blog
Special thanks to @NotNordgaren for sharing cool knowledge, stories, and resources with #TISU cohort 7 and for helping to elevate our game this semester!!