Brian Walter

Information Security professional. Runner. KY Colonel. Musician. @UofL & @BellarmineU MBA grad. Cat & Dog Daddy.
Researchers deployed a GPT honeypot to catch bad actors abusing AI and wow, did it work. From fake app devs to phishing pros, turns out the bots attract all kinds of sketchy traffic.
#Cybersecurity
#Infosec
#honeypot
https://observablehq.com/@coalition-research-ws/gpt-honeypot-finding-the-needle-in-the-haystack
GPT Honeypot: Finding the Needle in the Haystack

Over the past 9 months, the research team at Coalition has been developing a process to streamline our identification of vulnerabilities being exploited in the wild. This blog post will take you on a deeply technical journey exploring why and how we built this, how we use it, and the results we're seeing in our mission to protect the unprotected. Why? Over time as computers have gotten faster and internet speeds have skyrocketed, threat actors have changed their methods. Sending a single request to every pu

Observable

TeleMessage: for when you need “secure” government comms and don’t mind a casual 410GB heap dump showing up on DDoSecrets. It’s not a breach, it’s an archival service!

#signal #Cybersecurity #Infosec

https://micahflee.com/ddosecrets-publishes-410-gb-of-heap-dumps-hacked-from-telemessages-archive-server/

DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive server

This morning, Distributed Denial of Secrets published 410 GB of data hacked from TeleMessage, the Israeli firm that makes modified versions of Signal, WhatsApp, Telegram, and WeChat that centrally archive messages. Because the data is sensitive and full of PII, DDoSecrets is only sharing it with journalists and researchers. There's

micahflee

75 #zeroday vulnerabilities exploited in 2024, with over 50% linked to #spyware attac
#Cybersecurity

🚨🇺🇸USA Tax Service Database Access for Sale

A threat actor is offering access to a US-based Tax Service database containing highly sensitive financial and personal records.

🔸 Access Type: Database
🔸 Client Data:
 🔹 ~1600 clients
 🔹 ~450 IDs (Driver’s License, Passport, State ID – front and back)
 🔹 ~1000 Tax return entries
 🔹 ~500 Bank information records (including ~280 checks/proofs of ownership)
 🔹 ~240 Employment records
 🔹 ~3400 attached database files (1099s, W2s, tuition, mortgage docs, etc.)
🔸 25 employee/admin accounts

💰 Start Price: 2500$
⏳ Auction Step: 500$

#NSA has some pretty interesting data acquisition programs 😳
Introducing Firewalk, the bidirectional network implant of your air gapped dreams
#Cybersecurity #Infosec

https://youtu.be/e8uT53Srk_E?si=Qwp9_yqC6UtUnGal

How NSA Can Spy on Air-Gapped Networks? Meet FIREWALK

YouTube

Google’s like, ‘Nah, keep those third-party cookies, who needs privacy?’
S ure
H appy
I t's
T hursday
!

You wouldn't download a font and music like Federation Against Copyright Theft and the Motion Picture Association of America did?

https://en.wikipedia.org/wiki/You_Wouldn't_Steal_a_Car#Copyright_concerns

You Wouldn't Steal a Car - Wikipedia

New from Microsoft: Recall takes screenshots every few seconds.
Great for finding lost files…
Terrifying if you’re a hospital accidentally logging PHI.

Copilot+ PCs in healthcare?
Maybe let’s not chart patient data like it’s a Netflix binge recap.

#Cybersecurity #HealthIT #HIPAA

https://doublepulsar.com/microsoft-recall-on-copilot-pc-testing-the-security-and-privacy-implications-ddb296093b6c

Microsoft Recall on Copilot+ PC: testing the security and privacy implications

Last year, Microsoft announced Recall, a feature which screenshots your PC every few seconds, OCRs the screenshots and produces a searchable text database of everything you’ve ever viewed or written…

DoublePulsar

AI can now go from “Here’s a patch” to “Here’s an exploit” in a single afternoon. GPT-4 and Claude Sonnet 3.7 debugged and delivered a working PoC for an Erlang SSH vuln—no Erlang degree required.
#CyberSecurity
#ai
#Infosec
https://www.theregister.com/2025/04/21/ai_models_can_generate_exploit/
Today's LLMs craft exploits from patches at lightning speed

Erlang? Er, man, no problem. ChatGPT, Claude to go from flaw disclosure to actual attack code in hours

The Register