Bill21h ago

For those getting questions about Glasswing from their executives, give them this article.

https://tryaether.ai/blog/anthropic-glasswing-frontier-attack

While Everyone Watches Glasswing, Attackers Are Walking Through Your Front Door. - Aether AI

Aether AI's agents pressure test your attack surface continuously, across every attack vector, internally and externally. The same agents then dynamically generate the unique defensive signals required to protect your organisation at machine speed.

Show threadcR0w   21h ago

@Sempf Yeah, that's a no for me. My risk models remain unchanged.

He is right that AI gives us the catalyst and the tools.

Show threadBill21h ago
@cR0w When you say your risk models remain unchanged, does that mean you are not receiving pressure from management to change them due to Glass Wing, or that you already have and you're not changing them back?
Show threadScott Francis21h ago

@Sempf @cR0w "We have a different question. When did zero days become the threat you were supposed to be worried about?"

I mean, yeah, but also just because somebody is doing the basics poorly does not mean that advanced techniques are not *also* a threat. Many threats simultaneously! And some of them just became more risky and easier for attackers to leverage ...

Show threadcR0w   21h ago
@darkuncle @Sempf Easier for attackers means a potentially higher likelihood of occurrence, but it does not change the severity of impact. And while the likelihood does theoretically impact the risk score, for at least some orgs, it's minimal to no change when your adversaries are at the top of the field already. The rising tide of AI may be lifting all attackers' boats, but the high water mark remains the same, despite the industry continuously claiming a tsunami is coming. I just don't see it.
Show threadBill21h ago
@cR0w @darkuncle You should start a blog. Oh, wait.
Soatok Dreamseeker14h ago
Show threadcR0w   
@Sempf @darkuncle
Apr 9 at 6:44pmWeb
Show threadNosirrahSec 🏴‍☠️ guillotine enthusiast21h ago
@cR0w @Sempf @darkuncle I feel attacked.
Show threadAaron14h ago
@NosirrahSec @cR0w @Sempf @darkuncle Came here to say this.
Show threadScott Francis21h ago
@cR0w @Sempf I am in this picture and not sure how I feel about it
Show threadBill21h ago
@darkuncle @cR0w which one? I'm apparently the skeleton.
Show threadRob O 20h ago

@Sempf @darkuncle @cR0w This is pretty funny. I was literally having this conversation with a colleague (less technical, less security focus) a couple of hours ago. The gist:

Him: Anthropic's stuff is so cool! It's amazing at vulnerability discovery. It's going to revolutionize the way the attackers do their work. Just imagine, 0-days and full kill chains at the push of a button.

Me: Yeah, it does seem pretty cool, and I'm pretty happy I didn't take that job as a vulnerability researcher a while back... but how is this going to really change behavior when most of what we see exploited are unpatched N-days? Why would attackers need to waste money on this when they can just, say, ../ on a public, unpatched Ivanti box?

Show threadnixFREAK20h ago
@cR0w @Sempf @darkuncle lol yep I need to rig up a cattle prod or something else that hurts and have it on a timer to remind me.
Show threadmusing_sys🇨🇦19h ago
@cR0w @Sempf @darkuncle “wait…. Which one?”
Show threadDDR12h ago
me fr fr 😭
Show threadblami11h ago
@cR0w @Sempf @darkuncle this is so me. I bought domain in 2010, now I think blogs are already irrelevant
Show threadScott Francis11h ago
@blami @cR0w @Sempf I still write and read a lot but by the time I’d have time to do blog writing I’m too tired to computer anymore
Show threadcR0w   3h ago
@blami @Sempf @darkuncle I don't think they're irrelevant, they're just not as mainstream anymore. I actually value good blogs more now than I did a decade ago. I just keep forgetting I should take a step back and write out more long-form thoughts instead of hiding them in a series of shitposts.
Show threadvxo7h ago
@cR0w
Oh you mean that thing I put pictures of my cat on
@Sempf @darkuncle