Shecky - Third Wheel

@[email protected]
958 Followers
221 Following
3.6K Posts
Dad, Security Engineer, Burbsec North Organizer, KQL nerd, BlueTeam, N9HAK, Padawan, Theatre Actor/Tech Man, Train Hobbyist, "Dammit Shecky" Opinions and more, GCIH, CISSP
Bloghttps://siliconshecky.com
Verificationhttps://twittodon.com/share.php?t=siliconshecky&[email protected]
Blueskyhttps://bsky.app/profile/siliconshecky.bsky.social
Shecky - Third Wheel5h ago
Redid my website siliconshecky.com so it looked newer when I wrote new blogs. Damn if I ain't wrote shit. Damn if I can't come up with something to write. Opinion pieces are a dime a dozen and I want substance which is tough for me.
Shecky - Third Wheel5h ago
Lesley Carhart 1d ago
Shouldn’t have taken this long for the market to turn on Palantir
Shecky - Third Wheel6h ago
Yesterday my #push4progress included a major test for the stability of my right knee. No brace on a slackline. Yes I had a crutch above but am proud of the advancement I made.
Shecky - Third Wheel6h ago
Xavier Ashe 8h ago

If you are doing legitimate security research with #Claude, #Anthropic is rolling out new guardrails. I just got stopped in the middle of a #bugbounty, and was asked to fill out this form. The approved me with an hour.

Wanted to get the word out. You might want to go ahead and fill this out before you get blocked mid-hack.
https://claude.com/form/cyber-use-case

Cyber Use Case | Claude by Anthropic

Claude
Shecky - Third Wheel3d ago
The end game I see for Project Glasswing with its limited partners is non-partner companies falling behind, besides the end of bug bounty programs, disguised as a way to protect from not ready for prime time AI.
Shecky - Third Wheel3d ago
Eddie.3d ago

RE: https://infosec.exchange/@lennyzeltser/116375945057451955

We get so focused on touchdowns we fail to see a first down gives us four more opportunities at that touchdown.

Empathize, speak their language, and build realtionships. That's the key.

And if you deal with business side decision makers, read the artcle.

Shecky - Third Wheel3d ago
Taggart 3d ago

Near as I can tell, this is all very good news. More things should take advantage of secure enclaves, and this open standard protects against one of the hardest current defense surfaces.

https://security.googleblog.com/2026/04/protecting-cookies-with-device-bound.html

Protecting Cookies with Device Bound Session Credentials

Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team Following our April ...

Google Online Security Blog
Shecky - Third Wheel3d ago
Taggart 3d ago
Minor programming note: I'm going to probably push most of the threat intelligence material I usually post through @ifin, so it's a clear channel for actionable information.
Shecky - Third Wheel3d ago
BSides3123d ago
What if the biggest security gap in your environment isn't some zero-day, it's DNS?
At BSides312, Matt Scheurer is bringing live demos breaking down how DNS works, why attackers love it, and why most security teams are sleeping on it.
Easily one of the most versatile protocols; problem in your network? Somehow it always comes back to DNS. Don't sleep on this talk.
May 16th. Chicago.
🎟️ https://bsides312.org
#BSides312 #InfoSec #DNS #NetworkSecurity #CyberSecurity #Chicago
Shecky - Third Wheel3d ago
Interesting development in ClickFix working through a script editor on MacOS. Taking a step out of the process via copy/paste could result in more people getting infected.
https://www.jamf.com/blog/clickfix-macos-script-editor-atomic-stealer/
ClickFix Malware Uses macOS Script Editor to Deliver Atomic Stealer Threat Labs

Jamf Threat Labs uncovers a ClickFix-style attack that bypasses Terminal by exploiting macOS Script Editor via the applescript:// URL scheme to deliver an Atomic Stealer variant. Learn how it works.