Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
John Hammond Profile picture
John Hammond
@_JohnHammond
Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
Aug 12, 2024 31 tweets 12 min read
Luke shared the URL from the original phishing email with me, so I'd like to showcase it a bit.

Planning to record a video to walk through it, but don't have a chance to record for the next few hours... so will roll with a Twitter/X thread for now 🧵
Image I won't show the full URL, but here's the big link redacted and defanged.

Cutesy that it is from a SendGrid tracking link. Obviously a juicy treat for attacker to be able to mass spam emails with a trusted/common delivery service like SendGrid, and a perk of click tracking. Image
Jul 19, 2024 11 tweets 4 min read
A thread of new domains following the CrowdStrike catastrophe: 🧵 clownstrike[.]co

Presumably selling legitimate merchandise for this 😂
Image
Image
Jul 19, 2024 7 tweets 3 min read
CrowdStrike Falcon agents are imploding right now and causing a Blue Screen of Death boot loop on every endpoint. Reports of massive outages globally.
reddit.com/r/crowdstrike/… I'd love to be able to see their messaging, but it is behind a login.
Image
Image
Jun 7, 2024 28 tweets 15 min read
ok lets go Image I set up Recall in an Azure VM with AmperageKit, which seems like the easiest thing to get going so far.

1. Ensure you have a Microsoft account so you can login at login.live.com
Image
Oct 11, 2023 10 tweets 4 min read
curl/libcurl HIGH CVE-2023-38545 seemed to have a patch diff out early?
gitlab.com/redhat/centos-…
Image This is the vulnerability that had curl maintainers cut an early release, slated for October 11.
github.com/curl/curl/disc…
Jan 1, 2023 18 tweets 10 min read
Want to know what a YouTube channel with half a million subscribers looks like behind the scenes?

As we're cruising into 2023 and the new year, I'd like to peel back the curtain.

I want to be as transparent as possible here, in the hopes that this might help other creators. 🧵 This year in 2022, I uploaded ~170 videos, with most being released in the latter half of the year.

Trying with a certain of amount of grace and dignity, I did lean into the "cringy" thumbnails with the exaggerated expressions or more modern titles.
Sep 21, 2022 7 tweets 5 min read
"Would you like to earn millions of dollars $$$ ?"
Aug 29, 2022 10 tweets 5 min read
Today I got a notification on my phone that YouTube had sent me a copyright report, claiming one of my videos violated copyright and my channel was going to receive a strike.

Except, my video didn't violate copyright. And YouTube didn't really send me a copyright report. ImageImage Turns out, pikkunovuriij[@]gmail[.]com sent me this fake copyright claim PDF. It was easily recognizable as bogus (especially since that video is me just recording my screen showing how to install a free Linux distribution in a virtual machine), but, thanks for the fun.
Jun 2, 2022 7 tweets 3 min read
Since ms-msdt: is now readily detected and the conversation has changed to search-ms: and some more staggered social engineering tricks, here is a useless thread on a silly thing tricksters might be able to pull off with some of the new fun things we have learned: 🧵 1. Stage an HTML webpage with the dumbo "IMPORTANT SECURITY UPDATE" pretense, with the cheesy Microsoft logos and arrows and all the nonsense that fools your grandparents
1a. Use JavaScript in the HTML page to force a drive-by-download/http-smuggler-whatever you want to call it.