Rik Ferguson
@rikferguson.com
Immigrant. VP Security Intelligence @Forescout, Co-founder @RespectInSec. Board @vaultree, Cybersecurity Futurist, Researcher, Award-winning writer/producer. He/Him. Pussy in bio.
Substack - Ferguson.ink
Slava Ukraini 🇺🇦
Substack - Ferguson.ink
Slava Ukraini 🇺🇦
Pinned
Rik Ferguson
@rikferguson.com
· Nov 8
Reposting this tweet from Oct 2017, so I can pin it here too.
Public note: If you ask me to sit on any public panel I will decline if there are no women on the panel. I can’t do much but I can do this.
Public note: If you ask me to sit on any public panel I will decline if there are no women on the panel. I can’t do much but I can do this.
Never a dull moment with Mister Cluley, and his Smashing Security podcast ❤️
Terrific to have @rikferguson.com join me on episode 446 of the Smashing Security podcast, where we discussed how a teenage cybercriminal's attempt to mock a sextortion scammer badly backfired, and take a crystal ball look ahead to what 2026 might have in store...
open.spotify.com/episode/0paB...
open.spotify.com/episode/0paB...
A hacker doxxes himself, and social engineering-as-a-service
open.spotify.com
December 5, 2025 at 11:04 AM
Never a dull moment with Mister Cluley, and his Smashing Security podcast ❤️
Dear America, I have tried your “chocolate” and it is awful. So bad that I completely fail to grasp why Hallowe’en ever even took off in the US.
Do better.
Do better.
November 22, 2025 at 1:37 PM
Dear America, I have tried your “chocolate” and it is awful. So bad that I completely fail to grasp why Hallowe’en ever even took off in the US.
Do better.
Do better.
Anthropic’s report is being called the first AI-orchestrated cyber-espionage campaign. For many it’s the moment the alarm bell was finally audible.
For me, it’s different: the moment a warning I’ve been giving since 2017 stopped being “nightmare scenario” panel fodder & started leading the news.
For me, it’s different: the moment a warning I’ve been giving since 2017 stopped being “nightmare scenario” panel fodder & started leading the news.
We Built the Kill Chain for Humans. AI Didn’t Get the Memo.
Right now, Anthropic is all over the news for exposing what it calls the first largely AI-orchestrated cyber-espionage campaign: a suspected Chinese state-sponsored group, GTG-1002, hijacking Claude C...
www.linkedin.com
November 17, 2025 at 9:09 PM
Anthropic’s report is being called the first AI-orchestrated cyber-espionage campaign. For many it’s the moment the alarm bell was finally audible.
For me, it’s different: the moment a warning I’ve been giving since 2017 stopped being “nightmare scenario” panel fodder & started leading the news.
For me, it’s different: the moment a warning I’ve been giving since 2017 stopped being “nightmare scenario” panel fodder & started leading the news.
Lars Ulrich is definitely one of the drummers of all time.
November 3, 2025 at 9:38 PM
Lars Ulrich is definitely one of the drummers of all time.
Xi-phoon or Xi-clone? It’s so difficult to tell them apart.
Salt, Volt, Flax, Silk; they all rely on Xiploits.
Remember, just because something is not “required” doesn’t mean you shouldn’t do it.
Salt, Volt, Flax, Silk; they all rely on Xiploits.
Remember, just because something is not “required” doesn’t mean you shouldn’t do it.
FCC will vote to scrap telecom cybersecurity requirements
The commission’s Republican chair, who voted against the rules in January, calls them ineffective and illegal.
www.cybersecuritydive.com
October 30, 2025 at 9:26 PM
Xi-phoon or Xi-clone? It’s so difficult to tell them apart.
Salt, Volt, Flax, Silk; they all rely on Xiploits.
Remember, just because something is not “required” doesn’t mean you shouldn’t do it.
Salt, Volt, Flax, Silk; they all rely on Xiploits.
Remember, just because something is not “required” doesn’t mean you shouldn’t do it.
TAFKNAP - The Andrew Formerly Known As Prince.
October 30, 2025 at 9:18 PM
TAFKNAP - The Andrew Formerly Known As Prince.
Our team at Forescout has discovered multiple new vulnerabilities in TP-Link routers. You may have noticed an uncredited vulnerability disclosure from TP-Link yesterday, that was us.
Several additional vulnerabilities are still in the disclosure process and will be detailed in upcoming publications.
Several additional vulnerabilities are still in the disclosure process and will be detailed in upcoming publications.
New TP-Link Router Vulnerabilities: A Primer on Rooting Routers
Forescout’s Vedere Labs research uncovers TP-Link router vulnerabilities that allow attackers to root devices. See how, including mitigation guidance.
www.forescout.com
October 23, 2025 at 5:16 PM
Our team at Forescout has discovered multiple new vulnerabilities in TP-Link routers. You may have noticed an uncredited vulnerability disclosure from TP-Link yesterday, that was us.
Several additional vulnerabilities are still in the disclosure process and will be detailed in upcoming publications.
Several additional vulnerabilities are still in the disclosure process and will be detailed in upcoming publications.
I almost sliced off the tip of my finger with a breadknife the other day.
It’s given me a great idea for Hallowe’en canapés though.
#finger_food
It’s given me a great idea for Hallowe’en canapés though.
#finger_food
October 15, 2025 at 11:07 AM
I almost sliced off the tip of my finger with a breadknife the other day.
It’s given me a great idea for Hallowe’en canapés though.
#finger_food
It’s given me a great idea for Hallowe’en canapés though.
#finger_food
1981, the year of antmusic, is now as far behind us at 1937 was in 1981… Damn.
October 10, 2025 at 8:55 PM
1981, the year of antmusic, is now as far behind us at 1937 was in 1981… Damn.
PromptLock. Was. An. Academic. PoC. Not. An. AI. Revolution. In. Cybercrime.
Stop putting it in your blogs and presentations.
Thank you for your attention to this matter ;)
Stop putting it in your blogs and presentations.
Thank you for your attention to this matter ;)
October 8, 2025 at 10:11 PM
PromptLock. Was. An. Academic. PoC. Not. An. AI. Revolution. In. Cybercrime.
Stop putting it in your blogs and presentations.
Thank you for your attention to this matter ;)
Stop putting it in your blogs and presentations.
Thank you for your attention to this matter ;)
But, will the Conservatives give everyone (except “illegals” fkors) a free puppy “if they win the next election?
October 8, 2025 at 11:15 AM
But, will the Conservatives give everyone (except “illegals” fkors) a free puppy “if they win the next election?
If you edit for a security title and you follow me, I’ve a new column looking for a home: Operational Truth. Accuracy is a security property. It’s practical: exposure SLOs, drift measurement and enforced controls. and it has a funky Stranger Things tie-in. Want it as a contributed piece? DM me.
October 6, 2025 at 9:44 AM
If you edit for a security title and you follow me, I’ve a new column looking for a home: Operational Truth. Accuracy is a security property. It’s practical: exposure SLOs, drift measurement and enforced controls. and it has a funky Stranger Things tie-in. Want it as a contributed piece? DM me.
Terminal 2 at Prague airport is currently evacuated
October 5, 2025 at 9:04 AM
Terminal 2 at Prague airport is currently evacuated
Post you from a different era. Describe that era.
Sep 1992, Buckinghamshire. 22 & graduated. In a recession so couldn’t find a job, so I worked in my local boozer and lived up in the roof. Life was very good. After this I went to live in Paris and work in a bookshop.
Sep 1992, Buckinghamshire. 22 & graduated. In a recession so couldn’t find a job, so I worked in my local boozer and lived up in the roof. Life was very good. After this I went to live in Paris and work in a bookshop.
September 30, 2025 at 5:02 AM
Post you from a different era. Describe that era.
Sep 1992, Buckinghamshire. 22 & graduated. In a recession so couldn’t find a job, so I worked in my local boozer and lived up in the roof. Life was very good. After this I went to live in Paris and work in a bookshop.
Sep 1992, Buckinghamshire. 22 & graduated. In a recession so couldn’t find a job, so I worked in my local boozer and lived up in the roof. Life was very good. After this I went to live in Paris and work in a bookshop.
Boarding at Heathrow is still hit and miss after the recent #ransomware attack against Collins Aerospace .
Some gates are working. Some gates are still operating manual boarding procedures.
Be prepared for delays.
Some gates are working. Some gates are still operating manual boarding procedures.
Be prepared for delays.
September 25, 2025 at 9:13 AM
Boarding at Heathrow is still hit and miss after the recent #ransomware attack against Collins Aerospace .
Some gates are working. Some gates are still operating manual boarding procedures.
Be prepared for delays.
Some gates are working. Some gates are still operating manual boarding procedures.
Be prepared for delays.
I the ten years I have lived here in Warsaw, I’ve never seen a swan.
Suspiciously though, I have seen brogue-shaped footprints by the lake, just deep enough to hold half a pint of real ale, and a vague waft of stale tobacco. The was a clue in the tread although I could quite make it out.
Suspiciously though, I have seen brogue-shaped footprints by the lake, just deep enough to hold half a pint of real ale, and a vague waft of stale tobacco. The was a clue in the tread although I could quite make it out.
September 25, 2025 at 8:30 AM
I the ten years I have lived here in Warsaw, I’ve never seen a swan.
Suspiciously though, I have seen brogue-shaped footprints by the lake, just deep enough to hold half a pint of real ale, and a vague waft of stale tobacco. The was a clue in the tread although I could quite make it out.
Suspiciously though, I have seen brogue-shaped footprints by the lake, just deep enough to hold half a pint of real ale, and a vague waft of stale tobacco. The was a clue in the tread although I could quite make it out.
Best, most raw, thing I have written in ages. So much so that it can't go on LinkedIn, they'd crucify me :)
Anchored in the Cupboard - Growing up in the 80s.
Anchored in the Cupboard - Growing up in the 80s.
Anchored in the Cupboard
Growing up in the 80s, or... growing up as me.
open.substack.com
September 19, 2025 at 11:49 PM
Best, most raw, thing I have written in ages. So much so that it can't go on LinkedIn, they'd crucify me :)
Anchored in the Cupboard - Growing up in the 80s.
Anchored in the Cupboard - Growing up in the 80s.
Wouldn’t it be nice if folks quit telling you how to improve?
Nice to find a feed not full of humblebrag platitudes?
Respectful if those who’ve “cracked it” didn’t claim their recipe fits every cookie?
You do you.
Keep going, even when no one’s looking.
Practice makes perfect. You’re worth it.
Nice to find a feed not full of humblebrag platitudes?
Respectful if those who’ve “cracked it” didn’t claim their recipe fits every cookie?
You do you.
Keep going, even when no one’s looking.
Practice makes perfect. You’re worth it.
September 18, 2025 at 11:25 PM
Wouldn’t it be nice if folks quit telling you how to improve?
Nice to find a feed not full of humblebrag platitudes?
Respectful if those who’ve “cracked it” didn’t claim their recipe fits every cookie?
You do you.
Keep going, even when no one’s looking.
Practice makes perfect. You’re worth it.
Nice to find a feed not full of humblebrag platitudes?
Respectful if those who’ve “cracked it” didn’t claim their recipe fits every cookie?
You do you.
Keep going, even when no one’s looking.
Practice makes perfect. You’re worth it.
The late-night drive feeling of isolation, discomfort, dislocation. A few lines echo the rhythm of tyres ticking over cats-eyes. UK folks will know that heartbeat under the tyres that tells you you’re already drifting. The uncanny, fog-lit stretch between fatigue and focus. I hope the mood lands
Steer Through Silence Dislocated
“Streetlights staple the night to the sky”
rikferguson.substack.com
September 18, 2025 at 10:11 PM
The late-night drive feeling of isolation, discomfort, dislocation. A few lines echo the rhythm of tyres ticking over cats-eyes. UK folks will know that heartbeat under the tyres that tells you you’re already drifting. The uncanny, fog-lit stretch between fatigue and focus. I hope the mood lands
You don’t predict the future. You feel the gradient under your boots
2017 I said AI would enter adversarial ops & we’d need AI to meet it. 2019, impersonation would mature & that defenders must reason like machines. Today, AI accelerates crime before it automates it & change windows are still human
2017 I said AI would enter adversarial ops & we’d need AI to meet it. 2019, impersonation would mature & that defenders must reason like machines. Today, AI accelerates crime before it automates it & change windows are still human
Autonomous Cyber Weapons? The future of AI in Cybersecurity.
What I called in 2017–2019, what landed by 2025, and what still needs fixing.
open.substack.com
September 18, 2025 at 1:30 PM
You don’t predict the future. You feel the gradient under your boots
2017 I said AI would enter adversarial ops & we’d need AI to meet it. 2019, impersonation would mature & that defenders must reason like machines. Today, AI accelerates crime before it automates it & change windows are still human
2017 I said AI would enter adversarial ops & we’d need AI to meet it. 2019, impersonation would mature & that defenders must reason like machines. Today, AI accelerates crime before it automates it & change windows are still human