Lightnews — Scholar-powered news

Steve YARA Synapse Miller @stvemillertime.bsky.social · Jul 3

Hang on gotta pump up the valuation so my series B folks can exit

Steve YARA Synapse Miller @stvemillertime.bsky.social · Jul 3

Those of you building modern edge devices, packet tools, network sensors, SSL decrypt, Suricata, etc -- it'll be a couple years yet, but your day will come again. Slow and steady like erosion, the attention, the investment, the market will come crawling back to you.

1 4

Steve YARA Synapse Miller @stvemillertime.bsky.social · Jul 3

Imo the security product market is almost always a decade behind needs, but over time ends up being pulled to meet the adversary where they are operating. In the 2010s the market came late to the endpoint, in the 2020s late to the cloud, in the 2030s it'll be back to the network.

2 5

Steve YARA Synapse Miller @stvemillertime.bsky.social · Jun 19

Summer of George

1 1 8

Steve YARA Synapse Miller @stvemillertime.bsky.social · May 28

I'll give it a top 10 :D

2

Steve YARA Synapse Miller @stvemillertime.bsky.social · May 28

My top 5 movies about ~hacking probably say more about my age than anything else, but still:

#1 - Hackers (1995)
#2 - War Games (1983)
#3 - Johnny Mnemonic (1995)
#4 - Ghost in the Shell (1995)
#5 - Office Space (1999) <- surprisingly full of hacks

5 14

Steve YARA Synapse Miller @stvemillertime.bsky.social · May 11

True Lies

1

Steve YARA Synapse Miller @stvemillertime.bsky.social · May 9

The Wire, but a cybercrime version of it

1 1 4

Steve YARA Synapse Miller @stvemillertime.bsky.social · May 8

imo, great defenders think like attackers
and great attackers think like defenders
and great security folks think like both
and great intelligence folks think like neither
beep boop
computers

1 10

Steve YARA Synapse Miller @stvemillertime.bsky.social · Apr 27

I used to secretly judge folks that don't *love* music. But I learned that not everyone has the same ability to _detect_ musical features (pitch, rhythm, harmony etc). This happens not in the ear but in the brain. W/ diff neuro wiring & genes, folks don't always hear what I hear.

2

Steve YARA Synapse Miller @stvemillertime.bsky.social · Apr 12

"The game is out there, and it's either play or get played." - Omar

1

Steve YARA Synapse Miller @stvemillertime.bsky.social · Apr 11

Which of the Warhammer 40K races and factions should I get into? Sisters of Battle? Space Wolves? Henry Cavill?

1

Steve YARA Synapse Miller @stvemillertime.bsky.social · Apr 7

Really neat exposé on RDP tradecraft to include signed .rdp configs, resource redirection, RemoteApps and probably PyRDP.

cloud.google.com/blog/topics/...

Windows Remote Desktop Protocol: Remote to Rogue | Google Cloud Blog

A novel phishing campaign by Russia-nexus espionage actors targeting European government and military organizations.

cloud.google.com

1 4 13

Reposted by Steve YARA Synapse Miller

gab 🇺🇦🇵🇸 @gabagool.ing · Apr 7

Excellent breakdown of the “Rogue RDP” TTP we’ve seen susp Russian APT UNC5837 using in their campaigns written by my colleague Rohit (@IzySec over on X)

Windows Remote Desktop Protocol: Remote to Rogue | Google Cloud Blog

A novel phishing campaign by Russia-nexus espionage actors targeting European government and military organizations.

cloud.google.com

8 16

Reposted by Steve YARA Synapse Miller

Ronnie Salomonsen @r0ns3n.dk · Apr 7

Windows Remote Desktop Protocol: Remote to Rogue
cloud.google.com/blog/topics/...

Windows Remote Desktop Protocol: Remote to Rogue | Google Cloud Blog

A novel phishing campaign by Russia-nexus espionage actors targeting European government and military organizations.

cloud.google.com

1 3

Steve YARA Synapse Miller @stvemillertime.bsky.social · Apr 6

"NIST to purge 'wasteful' algorithms, return to using DES"

1

Steve YARA Synapse Miller @stvemillertime.bsky.social · Mar 22

gorge

1

Steve YARA Synapse Miller @stvemillertime.bsky.social · Mar 8

We most definitely trained at the same dojo! and lots of folks rotated through it over the years, I think there is a hybrid 100DoY-fu slowly developing :D

1

Reposted by Steve YARA Synapse Miller

Doug Metz @dwmetz.bsky.social · Mar 3

Introducing MalChela. A YARA and Malware Analysis utility written in Rust. #DFIR #MalwareAnalysis #YARA #Hashing

MalChela – A YARA and Malware Analysis Toolkit written in Rust

Saturday was for Python. Sunday was for Rust. After my success with the Python + YARA + Hashing, I decided to take things to the next level. Over the past few years I've created a number of Python and PowerShell scripts related to YARA and Malware Analysis. What if I combined them into a single utility? While we're at it, let's rewrite them all from scratch in Rust.

bakerstreetforensics.com

3 7

Reposted by Steve YARA Synapse Miller

Doug Metz @dwmetz.bsky.social · Mar 2

Seeing these scrips run brings me joy. #DFIR #MalwareAnalysis #Python #YARA

3 8

Reposted by Steve YARA Synapse Miller

Doug Metz @dwmetz.bsky.social · Mar 1

Creating custom hash sets with YARA and Python

I don't like to brag, he said, but you should see the size of my malware library. For a recent project, I wanted to produce a hash set for all the malware files in my repository. Included in the library are malware samples for Windows and other…

Creating custom hash sets with YARA and Python

I don't like to brag, he said, but you should see the size of my malware library. For a recent project, I wanted to produce a hash set for all the malware files in my repository. Included in the library are malware samples for Windows and other platforms. Within the library there are also a lot of pdf's with write ups corresponding to different samples.

bakerstreetforensics.com

2 9

Steve YARA Synapse Miller @stvemillertime.bsky.social · Mar 1

Do not despair, my friends, the only way out is through;
And the climate will probably kill us all pretty soon anyway

2 10

Steve YARA Synapse Miller @stvemillertime.bsky.social · Feb 25

One rule's FP is another rule's FN.

4

Steve YARA Synapse Miller @stvemillertime.bsky.social · Feb 21

SSH is the cyber blood magick of both the world's most stalwart orgs and the world's toughest adversaries.

1

Reposted by Steve YARA Synapse Miller

Horkos @wylienewmark.bsky.social · Feb 5

You’re an MSS or SVR cyber targeter who’s spent years trying to find an access vector into SPS/PAM; then suddenly a pack of high-profile, right-wing, edgelord zoomers — who will definitely click on any link they think will get them laid — just get admin access. Prepositioning acquisition speedrun.

2 14 63