Lesley Carhart 

@hacks4pancakes@infosec.exchange
48.2K Followers
2.3K Following
20.8K Posts

I am eminently qualified to speak from experience about a variety of dumpster fires.

Director of Incident Response at Dragos, ICS cybersecurity person, @pancakescon organizer, martial artist, marksman, humanist, level 14 Neutral Good rogue, USAF retired. Speaker available for gigs.

Gin connoisseur. Rodent parent. Some dipshit from Chicago. Now an immigrant in Melbourne.

I post *very serious* things about infosec. Thoughts are entirely my own.

'they/them' 🏳️‍🌈  

Verified byhttps://fedified.com
Bloghttps://tisiphone.net
Instagram / Threadshttps://www.instagram.com/hacks4pancakes/
Mentoringhttps://calendly.com/lesleycarhart
Lesley Carhart 7h ago
Seriously I don’t know either, man. Maybe someone white in Congress should do something other than send fundraising emails.
Lesley Carhart 7h ago
Show threadChance 'Um10h ago
@noplasticshower Our country needs more people with his character and courage.
Lesley Carhart 7h ago
noplasticshower12h ago

Good for Krebs. I am disgusted with the Republican party.

https://www.wsj.com/politics/policy/chris-krebs-trump-cybersecurity-executive-action-31cb99cb

Lesley Carhart 7h ago
Harry Sintonen13h ago

Update your #Apple devices ASAP. Two vulnerabilities, CVE-2025-31200 and CVE-2025-31201, have been fixed: https://support.apple.com/en-us/122282

"Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS."

While iOS has been known to be targeted, the fixes are available for all Apple devices and should be installed as soon as possible.

#activeexploitation #CVE_2025_31200 #CVE_2025_31201

About the security content of iOS 18.4.1 and iPadOS 18.4.1 - Apple Support

This document describes the security content of iOS 18.4.1 and iPadOS 18.4.1.

Apple Support
Lesley Carhart 12h ago
Kit Bashir13h ago

The blacksmith put her hammer down. The apprentice had been dealing with a walk-in but wanted a word. “She wants us to do, what, boy?”

“Transplant an enchantment from a sword to a spade.”

“Why on Krull would someone want an enchanted spade?”

“Adventurer wants to retire to grow roses. Sword wants to retire, too.”

“Tell her okay. Goddess, we get all the weird jobs on Grunedays.”

“I think they’re sweet, boss”

#Tootfic #MicroFiction #PowerOnStoryToot

Lesley Carhart 13h ago
Show threadRachel Lee Nabors1d ago
@hrbrmstr Can I get all my news like this?
Lesley Carhart 13h ago
boB Rudis 🇺🇦 🇬🇱1d ago
#CVE
Show threadLesley Carhart 17h ago
🫠😂
Lesley Carhart 17h ago
Oh my god. Kevin!!! https://www.linkedin.com/posts/kevin-beaumont-security_the-cve-memes-are-flowing-activity-7318217220935831553-jIw0
The CVE memes are flowing | Kevin Beaumont | 35 comments

The CVE memes are flowing | 35 comments on LinkedIn

Lesley Carhart 21h ago
Lesley Carhart 1d ago
Hello everyone! I’m proud and honored to introduce my very first academic white paper through SANS, which discusses the nuances and needs for planning for #ransomware in OT / industrial networks. https://www.sans.org/mlp/ics-ot-malware-and-ransomware/?utm_medium=Email&utm_source=HL-Global&utm_content=1468901_Simple_Framework_Whp_image&utm_campaign=ICS_OT_Malware_Ransomware_2025&utm_rdetail=Global&utm_goal=Leads&utm_type=Global_Campaign&is=be394332d8ab70db9bb29b280bd08c2899042252f80b48f1e01cd5b75d22b1c1
A Simple Framework for OT Ransomware Preparation White Paper | SANS Institute

Your Guide for an OT-Specific Incident Response IT incident response plans aren’t built for the realities of ICS/OT environments. This white paper provides a practical, engineering-driven framework for developing ransomware response playbooks tailored to industrial environments —emphasizing life safety, operational continuity, and realistic ICS tabletop exercises. With a focus on cross-disciplinary collaboration and sector-specific threats, the guide outlines how to detect, contain, eradicate, and recover from ransomware attacks without compromising industrial operations. It also underscores the importance of treating response plans as living documents—continually tested and refined as environments and threats evolve.