Sean Gallagher  🐀 

@thepacketrat@infosec.exchange
Principal Threat Poker @ Sophos X-Ops. Natsec/Infosec Editor Emeritus and now infrequent contributor @ Ars Technica. Ex Navy officer and actual battleship sailor. Verified cat furniture. Bird paparazzo. Still mostly s***posting as @thepacketrat@twitter.com. Also federating @thepacketrat and @thepacketrat
Works at: Sophos
Works as: Principal Threat Researcher
Non-Infosec things: birds, pottery, shoulder cats, media criticism, natsec
Twitter: https://twitter.com/thepacketrat
blog: https://fancybearfriends.org
Work blog: https://news.sophos.com/en-us/author/sean-gallagher/

An update on CVE-2025-5777, explaining why orgs should identify systems and patch.

https://doublepulsar.com/citrixbleed-2-electric-boogaloo-cve-2025-5777-c7f5e349d206

CitrixBleed 2: Electric Boogaloo — CVE-2025–5777 - DoublePulsar

Remember CitrixBleed, the vulnerability where a simple HTTP request would dump memory, revealing session tokens? CVE-2023–4966 You may have missed it, as the original CVE on 17th June 2025 referred…

DoublePulsar

Night Herons nesting in Fells Point have gotten…numerous.

Team building exercise.

For millennia these guys have swooped around marshes, creeks and ponds virtually unchanged (other than in size, possibly), the apex predators of airborne invertebrates (and in nymph mode, of aquatic ones). Let's not f**k things up for one kind of evolutionary perfection (cats and sharks being other examples).

Oh hi Evinrude

Been on radio silence here for a bit. Things are going well. I have finished up the first portion of my onboarding experience at Cisco and am now getting myself up to speed on the ways of Talos threat intelligence. All the people here are awesome. I am stoked.

Also, here’s someone who dropped by today to give me some hints on using Synapse.

Existing

I quit a job recently and started a new one. It was an act of surrender and of hope. Surrender because I had reached a point where I had fought to try to take control of my destiny at a company that, like many others, did not care about my dreams or feelings. Hope because I believed I could still grow somewhere else.

http://thepacketrat.com/2025/06/06/existing/


The Garden After the Burn

Another anonymously contributed post from one of our anonymously anonymous authors. Three months ago, I said it was time to admit how bad it’s gotten. I dragged the truth out into the daylight, bruised and blinking, for anyone still willing to look it in the eyes. I named the rot. I pointed at the collapse behind the curtains. I said the quiet part aloud because silence had begun to feel like complicity.

http://thepacketrat.com/2025/06/03/the-garden-after-the-burn/

Mockingbird auditioned for National Bird, but couldn't keep the sarcasm out of his voice.

Security Firm @SophosXOps published another report, this one on incidents at small and medium-sized businesses by @thepacketrat and Anna Szalay. One of the things I always look for in these reports is easy #cybersecurity wins -- and this report has a bunch of them.

First off - take a look at this chart: Top 15 dual-use tools. Imagine the pain you can cause threat actors by blocking the use of these tools and disrupting their playbooks!