Jake Williams

Breaker of software, investigator of incidents | GSE #150 | Faculty at IANS Research | Stuff: jake at malwarejake dot com | He/him

Looks like doggo is getting ready to take flight :)

Not a week passes that I don't find more evidence that Copilot was a rush job from Microsoft and has serious limitations for enterprises.
https://learn.microsoft.com/en-us/purview/dlp-microsoft365-copilot-location-learn-about

I couldn't get rid of this pop-out without submitting an email, so I did the only responsible thing I could think of...

That Iranian Navy ship we torpedoed had no ammunition on board because that was a requirement to participate in the MILAN 2026 exercise (organized by the Indian Navy).

The US Navy knew this because IT ALSO PARTICIPATED IN THE EXERCISE. What a national embarrassment.
https://newrepublic.com/post/207429/us-attack-iran-naval-ship

The Most Chilling Detail in the U.S. Attack on an Iranian Naval Ship

The Iranian warship was taking part in an international exercise with many other countries—including the United States.

The New Republic

RE: https://infosec.exchange/@malwarejake/116149477150967871

It's confirmed that Khamenei is dead. Intentionally killing a country's sitting leader, especially the religious leader in a theocracy, is NOT how you go about regime change.

This will NOT end well.
https://www.reuters.com/world/iran-crisis-live-explosions-tehran-israel-announces-strike-2026-02-28/

Cyber may have been augmented by HUMINT or other sources, but it was almost certainly a decisive component of the targeting package.
Given reports that Israeli intelligence assesses Khamenei was killed, I assess with high (extreme) confidence that cyber was used to:
1. Confirm his location and direct the attacks.
2. Using collection on Iranian gov officials (e.g., email) reactions of the strike.

Iran is a theocracy. It is likely to stay a theocracy. There is no viable replacement for Khamenei that is friendly to the US/Israel.

Killing Khamenei takes us from bad to likely worse. The Iranian people don't want this and that's critical for regime change.
https://www.reuters.com/world/middle-east/prior-iran-attacks-cia-assessed-khamenei-would-be-replaced-by-hardline-irgc-2026-02-28/

I've already had questions from a FinServ client about Iran replicating Operation Ababil (2012-2013 DDoS targeting FS orgs).

My assessment is that this is not likely to happen. Iran has limited capacity for cyberattacks and given the current situation, they have MUCH higher priorities for cyberattacks. Realistically, they are FAR more likely to use their limited cyber resources for intelligence collection instead of destructive attacks that would have limited impacts. They are likely unable to perform another Shamoon-style attack either, since that requires significant prepositioning. In any case, it's unlikely they have enough prepositioning in US orgs (especially FS) to create that type of impact.

One other note is that FS orgs are in a much different position today to deal with any DDoS attacks that Iranian-linked threat actors might attempt. Operation Ababil was a wakeup call for the whole industry and they've definitely become more resilient to DDoS in the last decade+ since.

The administration is getting US service members killed over the fucking Epstein files. I am livid. I hope to live to see Hegseth and every other member of the administration enabling this hanging on a wall.

This is so triggering for my PTSD. Fuck man. This is not okay. I am not okay.