RogueShoten

@[email protected]
24 Followers
45 Following
13 Posts
Show threadRogueShotenNov 14, 2023
@taylorlorenz If you provided the name, “Bobbi Storm,” and asked me to guess her profession…”Gospel singer” would not have been on my list of guesses…
Show threadRogueShotenOct 24, 2023
@Chirael Finally, a lock that I can non-destructively open with a crowbar!
Show threadRogueShotenSep 20, 2023

@Balmy4285 That’s not how CTI works… “chatter” is intercepts from signals intelligence, something that doesn’t exist in CTI. Sure, criminals talk in forums, but they don’t coordinate their activities there.

CTI is about identifying the overall trends in attacker behavior and TTPs so that you can consider what parts of your own organization may become “interesting” to bad actors in the near future. But it’s not like you get some indication that someone is planning something specifically aimed at you.

Also, you never stop doing CTI to do other blue team activities, any more than the NSA or G-2 shut down when the military prepares to defend against an attack. It’s not an either/or kind of thing in either context. The two actually feed into each other, if you’re doing it right.

Show threadRogueShotenSep 20, 2023
@godlessmom He was a darling of the “manosphere,” going back to long ago, so I’m not sure that it’s a pivot as much as leaning on the part of his base that he knows won’t abandon him.
Show threadRogueShotenDec 29, 2022
@InfoSecSherpa NGL, I would try them. But that might be a side effect of living in Japan where the potato chips with crazy flavors are usually quite good…
RogueShotenDec 25, 2022

Overheard here in Tokyo:
(In Japanese)

“I’m so tired of Mariah Carey.”

RogueShotenDec 19, 2022
@SeanWrightSec it’s not underestimation as much as slack-jawed awe at the sheer audacity. Like going to a Van Gogh exhibition: you know you’ll be floored by the majesty of it, but that doesn’t keep you from being floored.
Show threadRogueShotenDec 19, 2022
@jasonelrod as the leader of a red team at a large MNC I agree with this. But there’s another approach: I started as a penetration tester a million years ago, and later transitioned to doing a variety of work; I was purple before it was a team color. And I found that having the offensive experience was invaluable for defensive projects. So red team skills can be viewed as an investment towards more options down the road, rather than a direct line to maximizing compensation in the near term.
RogueShotenDec 19, 2022
All it seems to be is a rudimentary SAST scanner that happens to be able to parse Jupyter notebooks? And then they’re calling it a novel way to defend AI? Am I reading that right?
Show threadRogueShotenDec 8, 2022

@adschina “Amnesty International is all up in our shit about…everything…what should we do about it?”

“Let’s hack the one chapter that’s in the same country as Citizen Lab!”