Jimmy Wylie

Distinguished Malware Analyst at Dragos. Lead #Malware Analyst on TRISIS and PIPEDREAM. Spend my time searching for and tearing apart #ICS threats.
BlueSky: https://bsky.app/profile/mayahustle.com
LinkedIn: https://www.linkedin.com/in/jimmywyliejr
Twittodon: https://twittodon.com/share.php?t=mayahustle&[email protected]
Twitter: https://twitter.com/mayahustle

I earned my first CVE credit (CVE-2025-7676) for helping with a Windows ARM vuln. So, to commemorate the credit, @reverseics presented me last week with a Trophy of Perpetual Futility, because there’s always more work to do.

https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/refs/heads/main/2025-04.txt

I've spent a lot of time reversing ICS malware. Recently, I've been building it with AI tools. While there's been plenty of commentary and news about AI and malware, I'm excited to share what I learned actually trying to build some at S4x26.

Stage 2, Feb 24, 12pm.

I spent a couple months arguing with Claude and Copilot while building FrostyGoop variants for DNP3 (and Modbus), keeping detailed notes on what worked and what didn't. At S4, I'll share my honest assessment: where these tools actually help, where they fail, and how much skill an attacker needs to make them useful.

See you in Miami!

#ICS #malware #otsecurity

I'm speaking at S4x26 on creating a FrostyGoop-style tool using AI. This experiment has been a good avenue to explore a few questions like:

How much does AI know about ICS protocols?

Does AI truly lower the barrier for entry? If not, is that an AI limitation or am I just "holding it wrong"?

Is it shortening my development time? Or just solving some problems but creating new ones for a net-zero time benefit?

More simply, how easy is it?

I'm excited to share what I learn come February.

#ics #otsecurity

In ICS, malware analysis can feel like archaeology. I started the week with a 13-year-old sample and ended the week with @secureloon pinging me about an 18-year-old sample.

So, save your old Windows ISOs and VMs, you might need them!

(I couldn’t think of a picture, so here’s an image from an old show that probably planted the seed for me to become a malware analyst.)

Thanks to CYBER.SEC.CON / HOU.SEC.CON for having us last week (and for a really unique speaker gift!). The conference has grown into a valuable industry event, and I enjoyed catching up with folks I haven't seen in quite some time. I'm looking forward to the next one!

ICYMI we posted resources from our talk here:
https://gist.github.com/mayahustle/9b686d46f531dced43e65d1150e84ff6

#ICS #otsecurity #houseccon

Sam Hanson and I are speaking at HOU.SEC.CON on hunting for Python and Go ICS-related malware. You'll walk away with playbooks for approaching these kinds of malware, and stories about malware we found this year targeting ICS. The talk is on October 1st, at 1 p.m., Track 1. I hope you can make it!

#ICS #OTSecurity #houseccon

My reading list for the rest of the year, inspired by DEFCON 33 and the starting chapters of the first book:
- Microcontroller Exploits - Goodspeed
- Hack to the Future - Crose
- Hardware Hacker - bunnie
- Hardware Hacking Handbook - Van Woudenberg + O’Flynn
- Art of Mac Malware (Vol 1+2) - Wardle

You want @hermit (ackmage) on your team. If you know of anything, send it their way.

Original post: https://bsky.app/profile/did:plc:n742yekmk7d4zmgw6tr6rwgi/post/3lwp2lluu3k23

Played “In the Footsteps of Marie Curie” tonight. More of a family game, light on the strategy, easy playing. Good one for folks just getting into independent #boardgames