Mastodawn

GeorgeVHulme Jul 27, 2025

evacide Jul 24, 2025

Another day, another conversation with the press team where I explain that I did not give the quote in that story and the whole thing is AI slop. This happens once every few weeks now.

GeorgeVHulme Jul 2, 2025

Mike Mimoso Feb 22, 2024

New on @Claroty Nexus from @George_V_Hulme -- what the #volttyphoon takedown means for critical infrastructure. https://nexusconnect.io/articles/volt-typhoon-takedown-highlights-critical-infrastructure-security-complexities

Volt Typhoon Takedown Highlights Critical Infrastructure Security Complexities

The Volt Typhoon takedown highlights the challenges the world faces in defending against such threats and the private industry/government collaboration that's necessary to succeed.

Nexus

GeorgeVHulme May 31, 2025

Patrick C Miller

May 31, 2025

A Love Letter to Embedded Systems by V. Hunter Adams https://hackaday.com/2025/05/28/a-love-letter-to-embedded-systems-by-v-hunter-adams/

A Love Letter To Embedded Systems By V. Hunter Adams

Today we’re going to make a little digression from things that we do to look at perhaps why we do the things that we do. This one is philosophical folks, so strap yourselves in. We’ve h…

Hackaday

GeorgeVHulme May 24, 2024

Show thread

Kevin Beaumont May 23, 2024

I got ahold of the Copilot+ software.

Recall uses a bunch of services themed CAP - Core AI Platform. Enabled by default.

It spits constant screenshots (the product brands then “snapshots”, but they’re hooked screenshots) into the current user’s AppData as part of image storage.

The NPU processes them and extracts text, into a database file.

The database is SQLite, and you can access it as the user including programmatically. It 100% does not need physical access and can be stolen.

GeorgeVHulme Aug 4, 2023

Appears Microsoft has decided to circle back to 1999 when it comes to dealing with its software vulnerabilities.

GeorgeVHulme Aug 3, 2023

Chris Sistrunk Aug 2, 2023

Check out this article¹ from
@George_V_Hulme @Claroty Nexus which discusses cyber security risks to the bulk electric system & how utilities are managing these risks, especially using the Idaho National Labs CCE methodology.

Quotes from yours truly.

For more reading, check out the findings from the 2023 NERC State of Reliability Technical Assessment² and INL CCE³.
__
¹https://nexusconnect.io/articles/bulk-power-system-risks-span-complexity-vulnerabilities-advanced-actors
²https://nerc.com/pa/RAPA/PA/Performance%20Analysis%20DL/NERC_SOR_2023_Overview.pdf
³https://inl.gov/cce/

GeorgeVHulme Aug 3, 2023

If you're an employer and have to force employees into the office through mandates, maybe you should ask yourself why you have to drag your workers back into the environment you created.

GeorgeVHulme Jul 19, 2023

Number of Victims Breached Via MOVEit Zero-Day Keeps Climbing

https://www.databreachtoday.com/number-victims-breached-via-moveit-zero-day-keeps-climbing-a-22573

Number of Victims Breached Via MOVEit Zero-Day Keeps Climbing

How bad is the breach of the MOVEit zero-day to businesses, government agencies and their customers? The short answer is that the known fallout from the Clop

GeorgeVHulme Jul 14, 2023

I just paired my smart watch to my coffee cup. What an age to be alive.

GeorgeVHulme Jul 13, 2023

Still true

Current work	SecurityBoulevard, DarkReading, DigitalCxO, DevOps.com, others
Muckrack Profile	https://muckrack.com/george-v-hulme