330 Followers
176 Following
75 Posts

Advanced Practices 🦅 at Google Threat Intelligence Group

Threat Attribution, Frontline Intelligence, Malware Analysis, Threat Hunting, Incident Response

#attributionmatters

YT channel: https://www.youtube.com/c/MalfindLabs
Blog: https://malfind.com/
Github: https://github.com/lasq88
BSky: https://bsky.app/profile/lasq.pl
LinkedIN: https://www.linkedin.com/in/lukasz-lamparski/

Running automatic CTI source monitoring with Hermes Agent from Nous Research using GLM 5.1 (via ollama-cloud). Automatic monitoring of a list of provided sources + LLM summaries + IoC parsing and alerting via Discord integration.

Everything runs directly from the shell via local agents - no frontend, no hassle.

Total of 2 hours of work, half of which was fighting with a misconfiguration of my local Gitea server. Hermes + GLM 5.1 is really powerful; I'm quite impressed.

Adding keywords/threat actor monitoring, and IoC acquisition and monitoring tomorrow. In the future, maybe also automatic modeling, because why not.

I tried to do something similar as a web app for months, but there was too much hassle fighting with UI quirks. This is much better.

#threatintelligence #cti #llm #artificialintelligence #hermesagent #agenticcti

New blog post, tested a few Qwen 3.5 models with Hermes-Agent to see how it tackles simple PowerShell obfuscation: https://malfind.com/posts/2026-04-03-testing-local-llms-qwen-35-vs-powershell-obfuscation/
Testing local LLMs: Qwen 3.5 vs. PowerShell Obfuscation


Gepetto + Gemini 3 rocks
Google #antigravity taking over the manual testing in the browser from you: all the blue cursor actions are automated by Gemini3, I only sit and watch (and record). Then it takes screenshots and writes a report for you. Very impressive.

RE: https://infosec.exchange/@zaufanatrzeciastrona/115378472259147919

My talk from last year's Oh My Hack, if anyone hasn't seen it yet. Unfortunately I won't be able to attend the conference this year, but I have no doubt it will be as incredibly juicy as every year.

Strategic methods of deterring cybercriminals and their effectiveness - Kamil Bojarski (@lawsecnet) discussed them using the example of intelligence and military operations.

▶️ https://www.youtube.com/watch?v=72sk8kfIu6E

The hottest topics in the #cybersecurity industry - more at #OhMyHack 2025!
🎫 Don't miss the conference - registration is open ➡️ https://bit.ly/OMHbilet

#OMHconf #OMH #cyberbezpieczenstwo #infosec

Kamil Bojarski: Deterrence and strategic response to cyber operations | OMH 2024

📣 NEW VIDEO ALERT!

I've resurrected my YouTube channel to dive into Prompt Lock ransomware. Discovered by ESET and branded as the "first known AI-powered ransomware", it caused a lot of buzz in the media earlier this year.

Even though this was exposed just as a Proof-of-Concept, I was curious how it would perform in the lab environment. I didn't see anyone actually testing this malware before, so I've done just that. Does it live up to the hype? Is AI-driven ransomware the future of threats?

Spoiler alert: It failed miserably. 🤯

In this video, we go deep into the reverse engineering:

Setting up the lab: Using LMStudio and Burp Suite to successfully proxy the malware's Ollama API calls to a local LLM server.

Watching it run: We analyze the verbose Lua script generation chain in real-time.

The Flop: We uncover the hilarious and critical failure points, including massive LLM hallucinations where it invented sensitive files (Resumes, Bank Statements, Medical Records) that didn't exist, and completely botched the final ransom note!

This highlights the critical limitations of integrating LLMs into live exploit chains.

Watch the full breakdown and the spectacular failure here: https://www.youtube.com/watch?v=-qex_aqN3LA

#Cybersecurity #Ransomware #AI #LLM #MalwareAnalysis #ReverseEngineering #PromptLock #ThreatIntelligence #MalfindLabs

You can watch my presentation from yesterday's Not The Hidden Wiki "Hackuj Dobroczynnie" (Hack for good) event below.

In this presentation I'm talking about how to use LLMs equipped with MCP to power up your malware reverse engineering.

In the live demo, I'm showing how to use Google's Gemini-CLI to reverse engineer a sophisticated APT backdoor.

https://www.youtube.com/watch?v=NDA-bSo5wxc

#reverseengineering #malware #malwareanalysis #ai #llm #google #gemini #vibecoding #vibere #vibereversing

HD S302 - [Lukasz Lamparski] Vibe Reverse Engineering

Microsoft, what in seven hells is that? This just randomly popped up on my screen, and yes it's animated.

Also, how cool is the fact that according to Microsoft I need to throw away my $5k PC just because I don't have a TPM module (yes, I know there are workarounds).

Current vibes... 😅