Over the last week, I managed to complete the Waifu University APT emulation lab (IR on AlphV/Blackcat ransomware breach)
Thanks to @XintraOrg, @inversecos & the lab contributors for this great experience ❤️
You can find the investigation on my blog 👇
https://t.co/aDflFApMGd
We tested 9 LLMs on real-world #malware triage and static unpacking tasks, using only #Malcat’s MCP server.
We compared not only their results, but also their speed and cost.
Full write-up:
https://t.co/z9KN3SR4P4
Have you noticed that those deep-dive stories about complex Windows malware have pretty much vanished, especially in recent years? It feels like the era of "blockbuster" Windows malware has just gone silent, and this blog post tries to give some answers why.
https://t.co/sFsf3uPm5o
After 11 years of silence at Black Hat, I am delivering a speech today.
In memory of a legendary APT Hunter, Mr Sergey Mineev, who passed away 40 days ago.
If you cannot attend, here is the write-up: https://t.co/JUO4VBtnSZ
We were contacted by a journalist at Le Parisien newspaper with this prompt:
> I am preparing an article on the use of your secure personal data phone solution by drug traffickers and other criminals. Have you ever been contacted by the police? Are you aware that some of your clients might be criminals? And how does the company manage this issue?
Absolutely no further details were provided about what was being claimed, who was making the claims, or the basis for those being made about it. We could only provide a very generic response to this.
Our response was heavily cut down, and the references to human rights organizations, large tech companies and others using GrapheneOS weren't included. Our response was in English and was translated by them: "we have no clients or customers" was turned into "nous n’avons ni clients ni usagers", etc.
GrapheneOS is a freely available open source privacy project. It's obtained from our website, not shady dealers in dark alleys and the "dark web". It doesn't have a marketing budget and we certainly aren't promoting it through unlisted YouTube channels and the other nonsense that's being claimed.
GrapheneOS has no such thing as the fake Snapchat feature that's described. What they're describing appears to be forks of GrapheneOS by shady companies infringing on our trademark. Those products may not even be truly based on GrapheneOS, similar to how ANOM used parts of it to pass it off as such.
France is an increasingly authoritarian country on the brink of it getting far worse. They're already very strong supporters of EU Chat Control. Their fascist law enforcement is clearly ahead of the game pushing outrageous false claims about open source privacy projects. None of it is substantiated.
iodéOS and /e/OS are based in France. iodéOS and /e/OS make devices dramatically more vulnerable while misleading users about privacy and security. These fake privacy products serve the interest of authoritarians rather than protecting people. /e/OS receives millions of euros in government funding.
Those lag many months to years behind on providing standard Android privacy and security patches. They heavily encourage users to use devices without working disk encryption and important security protections. Their users have their data up for grabs by apps, services and governments who want it.
There's a reason they're going after a legitimate privacy and security project developed outside of their jurisdiction rather than 2 companies based in France within their reach profiting from selling 'privacy' products.
https://t.co/uWVPGoiEUs
Here's that article:
https://t.co/5TvYFemejg
Once in a blue moon as red teamers, we encountered environments with canary technology deployed across their infrastructure. The tables flipped. Blue teams caught us immediately.
Canary technology uniquely detects adversaries by exploiting their behavior - digital assets with no legitimate use that trigger immediate, high-fidelity alerts when interacted with.
However, most organizations struggle to extract these benefits. Existing canary solutions don't provide the primitives, token catalog, automation, and tooling needed for deployment and management at scale. They require dedicated security engineers to own and maintain.
As a result, high-fidelity detection has remained reserved for the most mature security teams.
For organizations already utilizing canary technology - did it catch your last red team engagement?
Today we're launching DeceptIQ - the cloud-native canary technology platform built from first principles.
We looked at enterprises who successfully deployed canary technology - what they did, what worked, what they wanted. Coupled with our experience as adversaries, we rebuilt the tried and tested concept from first principles. We spent eight months researching how to fingerprint our own tokens, then doing it again and again.
The result: the most comprehensive, configurable, scalable canary token platform available. Over 15 new canary token providers designed to exploit adversary behavior, including 5 ephemeral providers that each scale to over a million tokens an hour, and 10 new persistent canary tokens.
API-first deployment integrates with custom canary channels to enable visibility and deployment of canary tokens across Kubernetes, CI/CD pipelines, MDM platforms, and many more - at scale!
Our success metric: would we catch ourselves on a red team engagement? With today's launch, we believe we can.
We built DeceptIQ to be what we wish every organization we compromised had in place.
I’m turning 41, but I don’t feel like celebrating.
Our generation is running out of time to save the free Internet built for us by our fathers.
What was once the promise of the free exchange of information is being turned into the ultimate tool of control.
Once-free countries are introducing dystopian measures such as digital IDs (UK), online age checks (Australia), and mass scanning of private messages (EU).
Germany is persecuting anyone who dares to criticize officials on the Internet. The UK is imprisoning thousands for their tweets. France is criminally investigating tech leaders who defend freedom and privacy.
A dark, dystopian world is approaching fast — while we’re asleep. Our generation risks going down in history as the last one that had freedoms — and allowed them to be taken away.
We’ve been fed a lie.
We’ve been made to believe that the greatest fight of our generation is to destroy everything our forefathers left us: tradition, privacy, sovereignty, the free market, and free speech.
By betraying the legacy of our ancestors, we’ve set ourselves on a path toward self-destruction — moral, intellectual, economic, and ultimately biological.
So no, I’m not going to celebrate today. I’m running out of time. WE are running out of time.
Nothing but love for a blog post with summary conclusions of competing hypotheses.
Transparency around how we weigh the diagnostic value of specific evidence lays the foundation for better collective understanding in the long-term.
The full technical report details how we took down the C2 infrastructure of the Block Blasters drainer malware that @valvesoftware allowed on their platform. We spoke to the threat actors, who had no remorse for stealing from a terminally ill cancer patient.
https://t.co/9tCnSGN1sx
Excited to share our latest research on APT37 (a.k.a. ScarCruft, Ruby Sleet, and Velvet Chollima)’s new infection chain and C2 operation:
1⃣ Initial Access: Leveraging LNK and CHM files to deliver Rust-based and PowerShell-based malware.
2⃣ Post-Recon: Deployment of FadeStealer via a Python loader using Process Doppelgänging, followed by hands-on-keyboard activity.
3⃣ C2: A simple yet highly effective C2 script orchestrating the entire operation.
Please check this out: https://t.co/P9nUYObvz2
My presentation “XUnprotect: Reverse Engineering macOS XProtect Remediator” at #BHUSA wrapped up yesterday. Thank you so much to everyone who attended. For those who couldn’t make it to #BHUSA, I’ll be sharing the key points from my research in this thread. (1/22)
Just posted my @defcon slides (talk #1): "Mastering Apple's Endpoint Security for Advanced macOS Malware Detection"
Writing 🍎 security software? You should be using Endpoint Security! But its advanced features are rather nuanced & often misunderstood 🫣
https://t.co/TRn6dRnjV5
This year, I'm delighted to have had the opportunity to join the @x33fcon #crew and contribute to the smooth running of the conference as a volunteer.
I had the chance to meet a lot of great people during this week. It truly was an amazing experience.
See you next year! 😉
🚀The 9th edition of the #x33fcon conference is behind us! ♥️Heartfelt thanks to all participants, speakers, trainers, sponsors, partners, and volunteers! 👏Thank you so much, and see you next year!
Stop talking about doing things and just do them.
The incessant theory crafting about how to learn something, what the best books are, what courses to take, where the best place to learn is, etc. is tedious dithering.
If you actually wanted to do it, you would be doing it.
Endless talking isn't a strategy. You don't need another reddit thread, youtube deep dive or curated book list to get started.
You are not researching, you are procrastinating. If you actually cared about doing the thing, you’d already be doing it.
You romanticize the idea of doing something so much that you forget it actually requires effort. You are stalling because deep down, you know you won’t follow through.
Now prove me wrong and actually start learning how to hack, or whatever it is you never shut up about wanting to do.
Thread Execution Hijacking is one of the well-known methods that can be used to run implanted code.
In this blog we introduce a new injection method that is based on this classic technique but is much stealthier: Waiting Thread Hijacking.
Read more: https://t.co/ptdomYaAZG