Adrian Sanabria

@[email protected]
2K Followers
286 Following
2.4K Posts

🎙️ Enterprise Weekly Podcast
🤝 Founder @bsidesknoxville
🗣️ Faculty @IANS_Security
🕵️ Security Research
🍳 Cooking
⛰️ Hiking
🏎️ F1

"I rant with data!"

🤝 BSides Knoxvillehttps://bsidesknoxville.com
🎙️ Enterprise Security Weeklyhttps://securityweekly.com/esw
📚️ Cybersecurity Canonhttps://cybercanon.org
💣️ Destroyed by Breach Datasethttps://docs.google.com/spreadsheets/d/15CTPcgZQenWKDLDTQ2ibveUM4i7Of_n20TzdTi23xcg/edit?usp=sharing
Adrian Sanabria22h ago
Javvad Malik 22h ago

When Your Best Friend Is a Bot Who Never Says No

In 1966, an MIT computer scientist named Joseph Weizenbaum built a chatbot called ELIZA. It was extremely simple by today's standards which simply rephrased whatever you typed as a question. Tell it "my boyfriend made me come here" and it would respond "your boyfriend made you come here?" It was nothing more than a party trick.  What Weizenbaum didn't anticipate was how much people would fall for it.

http://javvadmalik.com/2026/03/27/when-your-best-friend-is-a-bot-who-never-says-no/

When Your Best Friend Is a Bot Who Never Says No

In 1966, an MIT computer scientist named Joseph Weizenbaum built a chatbot called ELIZA. It was extremely simple by today’s standards which simply rephrased whatever you typed as a question.&…

Javvad Malik
Adrian Sanabria5d ago

Pretty sure I've written this blog post in other places in the past, but if your inbox is a hot mess, I have some suggestions you can go through in about 15 minutes - the time it takes to drink a cup of tea or coffee.

https://open.substack.com/pub/defendersinitiative/p/fix-your-inbox-no-ai-needed?r=74yjk&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true

Fix Your Inbox (no AI needed)

10-15 minutes can restore sanity to your inbox - no AI, no purchases

The Defender's Initiative
Adrian Sanabria5d ago

Every now and then, a new song becomes an obsession and just latches onto my brain.

That song right now is Nate Smith's cover of the Pointer Sisters' Automatic

https://open.spotify.com/track/7FeLKSPYTLi93vxqBO0Yku?si=023f84837089406d

AUTOMATIC

Nate Smith, Lalah Hathaway · LIVE-ACTION (Deluxe) · Song · 2026

Spotify
Adrian SanabriaMar 18

New message rule to keep your inbox clean

if body contains
"not sure if you're the right person"
move to trash

Adrian SanabriaMar 16
@pluralistic I'm probably not the first to share this with you, I can't run the risk you haven't seen it yet. Very important. https://www.youtube.com/watch?v=T4Upf_B9RLQ
A Day in the Life of an Ensh*ttificator

Digital products and services keep getting worse. In the new report Breaking Free: Pathways to a fair technological future, the Norwegian Consumer Council ha...

YouTube
Adrian SanabriaMar 12
Kim ZetterMar 11
Iranian hacktivists hit US medical device maker Stryker with a "severe" attack that wiped systems and shut down global operations for the company. The hacktivist group, Handala, claim they hit the company in retaliation for the US bombing of a girls' school in Iran and that they struck more than 200,000 of Stryker's servers, systems and devices and remotely wiped many of them. https://www.zetter-zeroday.com/iranian-hacktivists-strike-medical-device-maker-stryker-in-severe-attack-that-wiped-systems/
Iranian Hacktivists Strike Medical Device Maker Stryker in "Severe" Attack that Wiped Systems

Stryker, a leading maker of medical devices, was hit early this morning with a cyberattack that has reportedly caused the company's systems to shut down globally. A known Iranian hacktivist group named Handala posted messages on hacked systems and on social media taking credit for the hit, which they say

ZERO DAY
Adrian SanabriaMar 9
Javvad Malik Mar 9

We've invented service accounts all over again. MCP servers are quietly becoming the same overprivileged, under-monitored access brokers that have haunted enterprise security for years. Except this time, we're stacking them on top of the old ones.

https://go.aembit.io/s/mcp-servers-and-the-return-of-the-service-account-problem-25746

MCP Servers and the Return of the Service Account Problem

Agentic AI is turning MCP servers into persistent access brokers, reviving the service account problem and expanding the access surface enterprises struggle to control.

Aembit
Adrian SanabriaMar 9
BSides KnoxvilleMar 9
CFP CLOSES THIS SUNDAY!
https://buff.ly/mNjbPdT
Adrian SanabriaMar 6

Vulnerability management is in some trouble and I have thoughts on how to deal with it.

TL;DR - exploitation is happening too fast for traditional vuln mgmt to be effective.

https://open.substack.com/pub/defendersinitiative/p/reevaluating-vulnerability-management?r=74yjk&utm_medium=ios

Reevaluating vulnerability management

Things are getting complicated.

The Defender's Initiative
Adrian SanabriaMar 3
Joseph CoxMar 3
New from 404 Media: CBP tapped into the online advertising ecosystem to track peoples' movements, according to an internal DHS document. Shows for the first time DHS tracked phones via process for putting ads in ordinary apps—video games, fitness apps, many more https://www.404media.co/cbp-tapped-into-the-online-advertising-ecosystem-to-track-peoples-movements/
CBP Tapped Into the Online Advertising Ecosystem To Track Peoples’ Movements

An internal DHS document obtained by 404 Media shows for the first time CBP used location data sourced from the online advertising industry to track phone locations. ICE has bought access to similar tools.

404 Media