Oh shoot. Madoka Magica is on Netflix. Time to warp some minds.
You're all like WAT, A WEEB SHOW?
Fine, go watch it. It's just some magical girls fighting evil, nbd
*without your children present.
Wherein we ask the age old question, "but what would really happen if you gave a bunch of 15 year old girls superpowers and told them to fight "evil"?"
• • •
Missing some Tweet in this thread? You can try to
force a refresh
I love @SouthwestAir *tons*, but flying into O’Hare instead of Midway is an awful experience. One baggage carousel for all flights in the crowded international arrivals, and not even anywhere to get a bottle of water while waiting after McDonalds closes. Midway is so much nicer…
Terminal 5 rideshare pickup is free for all chaos, too 😢😑
I don’t get people who bash Midway. It’s a really nice and manageable airport since the refurb. Great food, too.
Sometimes instead of blogging I feel like making a big old Twitter thread, so let's talk about Cobalt Strike for people only vaguely familiar (or misinformed) with the concept. Maybe I'll blog it later.
Cobalt Strike is an adversary enumeration tool used to train teams how to do incident response and threat hunting. It was made by a genius I genuinely like and will not disparage, Raphael Mudge. The first time I met him he flew across the floor air-guitaring in his dress clothes.
A lot of you are familiar with the easy-button hacking tool, Metasploit. Well, he made this shnazzy GUI for Metasploit called Armitage.
But, he realized it was still tough for a lot of defenders to get highly skilled Red Teams to train them. Or sommat, I'm not in his head...
One of the most talented young martial artists I’ve ever worked with burnt out and suddenly quit after a decade today. I’m reeling.
I don’t know if any teens at all read my account at all but like... if there are a bunch of adults really invested in mentoring you it’s... (1/x)
... totally okay to say you’re like, overwhelmed, need a break, you need to switch learning styles or speed, or just that you need more support.
Please don’t just give up and vanish because you don’t think you can meet our expectations, or because you think you messed up.
This goes for like your hobbies, infosec, hacking, whatever. Like, people who mentor can be self-centered jerks, but most of us really just want you to succeed - even if your measure of success changes over time! We are emotionally invested in you.
I don’t think people appreciate how effectively Darkside has been ramping up operations mostly under the radar for the last year. This was a very big “oops”. They were doing a really good job of decimating businesses, including infrastructure - and everyone has been really quiet.
Oh: “we don’t call threat hunting ‘threat hunting’ here when we do it, though”
I don’t care
You still have to do it if you want to catch stuff your automated detection misses
Your people had better know what to search for in reality when they need any education or references
WTF
Stop making ridiculous job titles and renaming common Cybersecurity terms just because it internal politics? All it hurts is your current and future analysts?
Every Cybersecurity monitoring organization today with any bandwidth available after detection automation and response not *performed by a hamster* should be doing the proactive task which is, in fact, called threat hunting.