Founder & CEO of runZero (@runZeroInc - https://runzero.com), previously the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various security research teams.
My work is focused on #infosec, #security, #networking, #discovery, #osint, #postgresql, #aws, #engineering, #opensource, #devops, and #startup stuff. For fun I write #golang, build #IoT projects, and #run in circles.
| Home | https://hdm.io |
| Github | https://github.com/hdm |
| Work | https://www.runzero.com/ |
| https://twitter.com/hdmoore | |
| Bluesky | https://bsky.app/profile/hdm.bsky.social |
| Signal | hdm.01 |
ATX Go is TONIGHT (a week early this month):
Hey gophers! Join us Wednesday (May 6th, today), 6:30β8:30pm at Station Austin (ie. Capital Factory) 16th floor, in "Antones" for our monthly meetup. You know the drill: π pizza, π» beer, and a few short talks on Go. Bring a talk, a friend, or an idea!
ATX Go is a week early this month, tomorrow night!
Hey gophers! Join us Wednesday, 6:30β8:30pm at Station Austin (ie. Capital Factory) 16th floor, in "Antones" for our monthly meetup. You know the drill: π pizza, π» beer, a few short talks on Go, and general discussion. Whether you write Go all day or just dabble on the weekends, come hang out and meet other folks in the Austin Go community.
RE: https://infosec.exchange/@runZeroInc/116493908814143481
Excited to share what we've been cooking for the last few months:
Interactive attack graphs, with hop-by-hop planning, support for over 220 protocols, and no-auth backplane enumeration to identify non-IP systems unauth over the network!
Our free trial includes a fun Demo Organization you can explore and converts into our free Community Edition at the end (with all of the same capabilities, just a lower asset limit)!
π¨ New runZero 4.9: Shatter the segmentation illusion and reveal hidden attack paths across IT and #OT environments!
Experience the power of our latest release:
π Interactive attack path mapping
ποΈ Multi-homed & bridge detection
πΊοΈ 2D/3D searchable topology
π§ Deep OT intelligence, including field-level discovery
π₯ Real-world risk prioritization
β
Identify protocol exposures
π» UI/UX enhancements
π Learn more at: https://www.runzero.com/blog/runzero-4-9
There is a bunch of buzz along the lines of "Apple FINALLY backports DarkSword related fixes to 18.x and will release this on April 1".
Based on publicly available information this is incorrect.
What Apple has actually done broadened the device models that are eligible to upgrade to iOS/iPadOS 18.
Per Google [1] every vuln in the DarkSword kit except for CVE-2026-20700 had already been patched in iOS 18 as of 18.7.3 which was released on Dec 12, 2025.
Per Apple [2], CVE-2026-20700 is not included in 18.7.7 which was released today.
Apple has placed an easy to miss note at the top of the release notes:
"We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security protections from web attacks called Darksword. The fixes associated with the Darksword exploit first shipped in 2025."
Unfortunately I don't see an indication of which devices are newly eligible to upgrade to iOS/iPadOS 18.
References:
Google DarkSword writeup - https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
Apple iOS/iPadOS 18.7.7 release notes:
https://support.apple.com/en-us/126793
Network asset inventory is basically Frogger. πΈ You're hopping between subnets, dodging unmanaged devices, weaving through cloud instances, and just when you think you've made it across β some rogue IoT device runs you over from the lane you forgot to check. It's ex-HAUST-ing. And most of us are running on empty. That's why I wrote about runZero β built by Metasploit creator HD Moore, it finds and fingerprints every device on your network without credentials or agents. Three discovery methods. One unified inventory. And a completely free Community Edition for up to 100 assets.
Joseph Menn, renowned journalist & author of "The Cult of the Dead Cow," joins us for a special book signing event at RSAC! runZero and Mallory are thrilled to co-host a private book signing with renowned investigative journalist Joseph Menn during RSA Conference 2026! This is your chance to meet the man who writes the stories the industry talks about.
Join us to grab a signed copy:
Join author Caroline Wong for the release of "The AI Cybersecurity Handbook" at RSAC! runZero and Mallory are thrilled to co-host a private book signing with the AI cybersecurity strategist Caroline Wong during RSA Conference 2026! This is your chance to meet the woman Fortune 500 organizations are turning to for AI guidance on governance, risk, and resilience.
Space is limited. Register to request access to this event:
runZero, Inc
Tom Sellers