Cyber threat vibe-checker.

All publications here are of my own volition and my opinion, and do not represent the views, opinions, or expressions of my employer.

Things I am: Light-hearted, sarcastic, inoffensive-ish, objective, a volunteer, kinda vulgar-ish.

Things I am not: a bot, a liar.

Hashtags of interest:
#CTI #threatintelligence
#threatintel #infosec #cybersecurity

Raíces Cyber: https://www.raicescyber.org/
Military Cyber Professionals Association: https://public.milcyber.org/
PhantomGraph: https://phantomgraph.io

Handala is a bunch of fucking liars about their water attack claims. Don’t take it seriously.

#cybersecurity
#cyberthreatintelligence
#threatintel
#infosec

I seriously can’t fucking read this and it’s infuriating.

Happy Friday... again.

Yes, we've been left unattended, allowing us to run amok and publish our analysis of CVE-2026-20253 - an Arbitrary File Write in Splunk Enterprise that can be turned into Pre-Auth RCE...

Enjoy, friends!

https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce

Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE)

Three posts in three days? Are we insane? We're home alone, there's no-one to stop us, and we're up past bed time. So, we need to talk about Splunk. On June 10th, Splunk published this CVE-2026-20253 advisory: It has everything that we love: * No

watchTowr Labs

I’m probably not getting responses because hiring managers think I forgot my contact info. Thing is, reading some of these hiring boards they say they use AI systems to parse through your résumé to speed up the hiring process.

Thing is, I don’t know what that means for my personal information, and I don’t know what system they use. It’s bad enough that some places require the creation of an account to a system that will likely never be logged into again after getting/not getting the job. Now they’re putting info into a black box system and your only option is to consent or not apply.

Some may wonder, “Well they already have your info from XYZ,” or “what’s that going to prevent,” or worse, “why bother?” Control. I want to maintain the control I have of whatever I have. If that means me not putting my contact info on my resume when it’s easily found in the application database, then great. It’s one less leak of my information that I’ve been fighting to scrub off public databases.

And I would explain that if I could because I’m sure nobody else wants some other person to shove your info into a black box AI system.

ChatGPT 5.5 believes Mario Kart World doesn’t exist.

I have operationalized threat intel platforms, integrating them with SIEMs and modernizing SOC workflows. This enabled greater coverage and visibility for cyber defense, reducing the severity by improving MTTx. It also enhanced intelligence reporting because understanding your environment and your threats leads to more effective products.

I have built and led CTI teams and functions that span across the intelligence spectrum, driving threat hunt operations with F3EAD/OODA Loop frameworks, applied selection of structured analytic techniques. Frameworks are important to anchor analysis into trusted methods to produce high confidence assessments, detections, hunts, and strategies.

I’ve coached analysts to foster a holistic approach to threat intelligence instead of maintaining a single view of tactical, operational, or strategic. Intelligence is a full lifecycle, touching each stratum of intelligence when the whole is greater than the sum of its parts. Seeing analysts grow from simply observing and reporting to ATT&CK mapping intrusions, clustering, and campaign tracking brings more excitement to me than finding the smoking gun myself.

I have influenced strategic visions and directions based on a concrete understanding of an organization’s key risks and considerable threats. Successfully influencing stakeholders to implement positive change at the highest levels requires an innate ability to understand the problem(s) at hand through empathy and objectivity, which is a balancing act in and of itself.

Need CTI to fit, conform, grow, scale, perform, succeed? I’ll do it.

#cti
#threatintelligence
#cyberthreatintelligence
#threatintel
#infosec
#cybersecurity

Am I the only one who walks away from applying to a job that requires the creation of a workday account?

Or how about those archaic systems that ingest your resume just to inaccurately prefill the information/have you re-enter all your resume info?

Bless you all who moved to GreenHouse.

Outlook ->

Rules and alerts ->

New Rule ->

with specific words in the message header ->

X-PHISH
X-Phishtest
X-ThreatSim-ID
X-ThreatSim-Header
X-PhishMe
X-PhishMeTracking
X-PhishMe-Tracking
X-Gophish-Contact
X-Gophish-Signature
X-CanIPhish
X-Disclaimer: This email was set up by Hornetsecurity GmbH
X-Dcoya-Identification

stop processing more rules and permanently delete ->

Finish.