PierreC

@PierreAHobbit

Pierre
I lead a global team of Incident Response and Red Team professionals for Talos Incident Response.
Long time #infosec professional, former CISO, former sysadmin.

Travel enthusiast, RPG gamer, video gamer, hobby gardener, friend to animals great and small.
Builder of teams and solver of problems.

Thoughts, posts, opinions are my own.

- “Strength does not make one capable of rule; it makes one capable of service.” - from The Way Of Kings by Brandon Sanderson

I spent the weekend researching Mac OS X Aqua interface elements, and stumbled upon this classic collection of #OSX icons from 2000.

In the early 2000s, PixelJerk aka Samuel Krueger was one of the first to publish high-quality Aqua-themed icons for the new Mac OS X operating system.

Few other icon designers demonstrated such skill and creativity with their icon sets.

It took the entire day, but I (by hand) converted each of these 200 Macintosh Icon format files into PNG and ICNS formats used in modern macOS. 😓

pixeljerk.com has been offline for 20 years... Huge thank-you to macmonkies.com for keeping the only copy of these icons that exists on the web!

macOS version:
https://rootmarm.com/pixeljerk_icons/PixelJerk_macOSX_ICNS.zip

PNG version:
https://rootmarm.com/pixeljerk_icons/PixelJerk_PNG.zip

Macintosh System 7/8/9 version:
https://rootmarm.com/pixeljerk_icons/pixeljerk_pack_macintosh.zip

Macintosh Garden entry:
https://macintoshgarden.org/apps/pixeljerk-os-x-aqua-icon-collection

Anyone have any personal experience with caffeine impacting your ability to focus? Either positively or negatively? I recently started cutting back on my coffee intake, and have noticed a positive difference in my attention span.

My colleague @r00tbsd wrote an awesome tool for parsing pesky malicious .one files we ( @volexity ) have been seeing around lately:

https://github.com/volexity/threat-intel/tree/main/tools/one-extract

If you wanna analyze these files in bulk, look no further!

I wrote a small Python library to extract metadata and embedded files in #OneNote documents (.one). The OneNote file format is not really documented, but it seems to work on the files I tested.

It is published on the @volexity GitHub repository: https://github.com/volexity/threat-intel/tree/main/tools/one-extract
It can be used #standalone or included easily in any #pipeline.
#CTI #threathunting #maldoc #maliciousdocuments

Our monthly Intelligence Insight for January is out!

https://redcanary.com/blog/intelligence-insights-january-2023/

We saw a ton of testing at the end of the year which we think boosted Mimikatz & BloodHound pretty high on our trending threats list.

We observed increased #ProxyNotShell exploitation of Exchange servers at the end of the year & have shared some thoughts on that as well!

Fleet's head of security, Guillaume, shows us his top 10 day-to-day osquery tables 😎

Having access to information is one thing. Knowing why it's essential is another 🚀

Find Fleet's guide on osquery tables here:
https://fleetdm.com/tables/

I wanted to take a few moments and apologize to many of my former students.

In the past I said the industry needs people who look at security as a vocation and an avocation.

I was wrong.

Have a life outside of this industry.

Have hobbies that have nothing to do with your computer.

Get outside.

The problems of the industry are not problems of people not working hard enough.

They are not problems of people not being "hard core" enough.

They are problems of education and resource prioritization.

I was wrong.

I am sorry.

Stop breaking yourself on rocks for people who don't really care if you break yourself on rocks.

Microsoft have made a big boo boo in #Defender again. If you have attack surface reduction enabled for macros, it is deleting all user shortcuts from Start Menu (including Office etc) #ASRmageddon https://www.reddit.com/r/sysadmin/comments/10ar1vb/comment/j45qy7c/?utm_source=share&utm_medium=ios_app&utm_name=iossmf&context=3
Douglas Adams' three rules of technology are great examples of normalization of deviance:

1/ Anything that is in the world when you’re born is normal and ordinary and is just a natural part of the way the world works.

2/ Anything that's invented between when you’re fifteen and thirty-five is new and exciting and revolutionary and you can probably get a career in it.

3/ Anything invented after you've turned thirty-five is against the natural order of things.

Ok fellow InfoSec folks, what is your go-to strategy for coming back to work, both after a break (e.g. PTO/holiday) or even just weekly (on the first day back from your weekend)?
For me it's often tough and not my favorite day, frequently filled with trepidation and likely overly concerned with getting ready for "Monday".