coleman kane
@malware.re
https://class.malware.re creator, random open-source contributor, IRL "dog and dad" meme
Engineering Director @ deepseas.com
Blog: https://blog.malware.re/
Engineering Director @ deepseas.com
Blog: https://blog.malware.re/
If you are wondering "How can they be so incompetent", you are forgetting that the ball initially got rolling on this when the President of the USA tried to text indictment instructions to AG Pam Bondi but instead accidentally posted it as a tweet on the Xitter knock-off social media site he owns.
Folks: Lindsey did not just cross out the no-billed charge, tho she epically fucked up the docketing in another way.
There are actually THREE versions of document:
The no-billed indictment as originally docketed. (The fucked no-bill.)
storage.courtlistener.com/recap/gov.us...
There are actually THREE versions of document:
The no-billed indictment as originally docketed. (The fucked no-bill.)
storage.courtlistener.com/recap/gov.us...
November 19, 2025 at 10:32 PM
If you are wondering "How can they be so incompetent", you are forgetting that the ball initially got rolling on this when the President of the USA tried to text indictment instructions to AG Pam Bondi but instead accidentally posted it as a tweet on the Xitter knock-off social media site he owns.
Reposted by coleman kane
George Orwell’s Animal Crossing
October 7, 2025 at 4:29 PM
George Orwell’s Animal Crossing
Reposted by coleman kane
Very Mussolini, famously the reign that never ended
August 27, 2025 at 6:13 PM
Very Mussolini, famously the reign that never ended
Reposted by coleman kane
So this is as good a time as I’ll ever get to explain what I think is the difference between “software supply chain compromise” and “operational enablement” when it comes to cyber operations. It’s very easy to lump these two together, especially since they are both means of access development (1/x)
Breaking: The Post reports that Chinese government-backed hackers have been using the disastrous flaw in Microsoft #SharePoint to break into classic espionage targets. GIFT LINK with usual strings attached. wapo.st/46rKTbH
China-backed hackers used Microsoft flaw in attacks, defenders say
Researchers say Chinese actors, along with other criminal hackers, exploited a security flaw in SharePoint software widely used by governments and businesses.
wapo.st
July 22, 2025 at 3:38 PM
So this is as good a time as I’ll ever get to explain what I think is the difference between “software supply chain compromise” and “operational enablement” when it comes to cyber operations. It’s very easy to lump these two together, especially since they are both means of access development (1/x)
Reposted by coleman kane
DOOCY: So what happened to the Epstein client list that the attorney general said she had on her desk?
LEAVITT: I think if you go back and look at what the attorney general said
DOOCY: I've got the quote. She said, it's sitting on my desk right now to review.
LEAVITT: I think if you go back and look at what the attorney general said
DOOCY: I've got the quote. She said, it's sitting on my desk right now to review.
July 7, 2025 at 5:51 PM
DOOCY: So what happened to the Epstein client list that the attorney general said she had on her desk?
LEAVITT: I think if you go back and look at what the attorney general said
DOOCY: I've got the quote. She said, it's sitting on my desk right now to review.
LEAVITT: I think if you go back and look at what the attorney general said
DOOCY: I've got the quote. She said, it's sitting on my desk right now to review.
Reposted by coleman kane
Every time I post it, he goes up five more points.
June 12, 2025 at 12:44 AM
Every time I post it, he goes up five more points.
Reposted by coleman kane
Thoughts concerning "what (really) is 'Salt Typhoon'" and the danger of "TA A, also known as TA B" statements without detail, explaination, or background:
pylos.co/2025/06/11/a...
pylos.co/2025/06/11/a...
Attribution With A Pinch of Salt (Typhoon)
Salt Typhoon first emerged in the public consciousness with media reporting in late 2024. The previously unknown (or overlooked) threat actor was quickly linked to widespread intrusions in major US…
pylos.co
June 11, 2025 at 11:49 AM
Thoughts concerning "what (really) is 'Salt Typhoon'" and the danger of "TA A, also known as TA B" statements without detail, explaination, or background:
pylos.co/2025/06/11/a...
pylos.co/2025/06/11/a...
@nytpitchbot.bsky.social "As Musk and Trump's row devolves into unrestrained mutually-assured destruction with global consequences, let's discuss how Joe Biden's administration betrayed the public trust by concealing his mental decline" - A guest column by Jake Tapper
June 5, 2025 at 8:22 PM
@nytpitchbot.bsky.social "As Musk and Trump's row devolves into unrestrained mutually-assured destruction with global consequences, let's discuss how Joe Biden's administration betrayed the public trust by concealing his mental decline" - A guest column by Jake Tapper
Reposted by coleman kane
I rarely publish anything outside of Poasts™️ but very happy to see this hit the World Wide Web.
DPRK IT workers, remote IT, remote employment fraud — whatever you call it, there are behavioral detections that you can spot early and increasingly often.
DPRK IT workers, remote IT, remote employment fraud — whatever you call it, there are behavioral detections that you can spot early and increasingly often.
Imposters at the Gate: Spotting Remote Employment Fraud Before It Crosses the Wire | Splunk
Remote Employment Fraud actors don’t steal credentials—they’re issued them. This blog explores early detection and why security can’t face this threat alone.
www.splunk.com
May 5, 2025 at 7:43 PM
I rarely publish anything outside of Poasts™️ but very happy to see this hit the World Wide Web.
DPRK IT workers, remote IT, remote employment fraud — whatever you call it, there are behavioral detections that you can spot early and increasingly often.
DPRK IT workers, remote IT, remote employment fraud — whatever you call it, there are behavioral detections that you can spot early and increasingly often.
New #AI #CTI Blog post where I implement some tools in Model Context Protocol for CTIgor
blog.malware.re/2025/04/29/c...
blog.malware.re/2025/04/29/c...
Adding MCP to CTIgor
<p>The <a href="https://modelcontextprotocol.io/introduction">Model Context Protocol</a> is an API standard that has been making the rounds in the GenAI community recently. It is an open standard that...
blog.malware.re
April 29, 2025 at 9:43 PM
New #AI #CTI Blog post where I implement some tools in Model Context Protocol for CTIgor
blog.malware.re/2025/04/29/c...
blog.malware.re/2025/04/29/c...
Reposted by coleman kane
My first blog with Proofpoint is live! And we love a good crossover. State-sponsored actors try their hand at ClickFix - the hottest thing in cybercrime. Meet the North Koreans, Iranians, and Russians who are upping their social engineering game www.proofpoint.com/us/blog/thre...
Around the World in 90 Days: State-Sponsored Actors Try ClickFix | Proofpoint US
Key Findings While primarily a technique affiliated with cybercriminal actors, Proofpoint researchers discovered state-sponsored actors in multiple campaigns using the ClickFix social
www.proofpoint.com
April 17, 2025 at 11:12 AM
My first blog with Proofpoint is live! And we love a good crossover. State-sponsored actors try their hand at ClickFix - the hottest thing in cybercrime. Meet the North Koreans, Iranians, and Russians who are upping their social engineering game www.proofpoint.com/us/blog/thre...
Reposted by coleman kane
get em Chris.
News: @thekrebscycle.bsky.social, a target of Trump's wrath last week, is resigning from SentinelOne to focus fully on fighting back against against the White House's campaign to punish dissent. www.wsj.com/politics/pol...
Exclusive | Former Trump Official Targeted With Government Probe Vows to Fight
Chris Krebs, the cybersecurity official from the first Trump administration who was fired after saying the 2020 election wasn’t stolen, vowed to fight back against a White House investigation.
www.wsj.com
April 16, 2025 at 8:56 PM
get em Chris.
Reposted by coleman kane
Reposted by coleman kane
I wrote your cybersecurity mentorship guide as requested: tisiphone.net/2025/02/16/o...
On Cybersecurity Mentorship
I want to take a moment to articulate my thoughts on cybersecurity mentorship and what it should entail. I speak a lot about problems I see doing extensive mentoring and career clinics, but I have …
tisiphone.net
February 16, 2025 at 9:03 PM
I wrote your cybersecurity mentorship guide as requested: tisiphone.net/2025/02/16/o...
Published a new Blog article today about #GenAI and RAG, complete with some simplistic #Python coding examples:
blog.malware.re/2025/02/08/g...
blog.malware.re/2025/02/08/g...
Local GenAI Code Completion With Context
<p>A couple weeks ago, <a href="https://www.nature.com/articles/d41586-025-00229-6">news</a> about a new large-language model (LLM), named
<a href="https://github.com/deepseek-ai/DeepSeek-R1">DeepSeek...
blog.malware.re
February 10, 2025 at 1:15 AM
Published a new Blog article today about #GenAI and RAG, complete with some simplistic #Python coding examples:
blog.malware.re/2025/02/08/g...
blog.malware.re/2025/02/08/g...
Reposted by coleman kane
Matt Scheurer: Finding Your Passion in Cybersecurity podcasters.spotify.c...
Matt Scheurer: Finding Your Passion in Cybersecurity by Phillip Wylie Show
In this episode, Phillip Wylie is joined by Matt Scheurer, a digital forensics and incident response expert. They discuss Matt's hacker origin story, his work in digital forensics and incident response, and the education path for aspiring professionals in this field. They also touch on the importance of professional networking and the benefits of public speaking in the cybersecurity industry.
Takeaways
Digital forensics and incident response (DFIR) professionals play a crucial role in investigating and responding to cybersecurity incidents.
Having a background in systems administration and networking can provide a solid foundation for a career in DFIR.
Building a professional network and seeking mentorship from experienced professionals can greatly enhance career opportunities in the cybersecurity industry.
Public speaking can help establish credibility and open doors for career advancement in the cybersecurity field.
Exploring different areas of cybersecurity and finding one's passion can lead to a more fulfilling and successful career.
Sound Bites
"I was just always enthralled with hackers and hacker lore and all the things that people would do with technology that the people that designed it didn't anticipate."
"Understanding basic networking, learning the Linux command line, and knowing where things should be on a Windows endpoint are essential skills for aspiring DFIR professionals."
"Having a background in SOC (Security Operations Center) analysis can provide a solid foundation for understanding digital forensics and incident response."
Resources
https://www.linkedin.com/in/mattscheurer/
https://twitter.com/c3rkah
podcasters.spotify.com
February 2, 2025 at 7:54 PM
Matt Scheurer: Finding Your Passion in Cybersecurity podcasters.spotify.c...
Reposted by coleman kane
@thorcollective.bsky.social dropped a new blog "Helloooooooo, Thrunters!" 😤
It kicks off a series from a workshop @letswastetime.bsky.social and I gave at #DEATHCon on #threathunting with the PEAK framework.
Read at: thorcollective.com/helloooooooo...
#cybersecurity #thrunting #THORCollective
It kicks off a series from a workshop @letswastetime.bsky.social and I gave at #DEATHCon on #threathunting with the PEAK framework.
Read at: thorcollective.com/helloooooooo...
#cybersecurity #thrunting #THORCollective
Helloooooooo thrunters 👋
A DEATHCON Thrunting Workshop Overview
thorcollective.com
January 26, 2025 at 5:44 PM
@thorcollective.bsky.social dropped a new blog "Helloooooooo, Thrunters!" 😤
It kicks off a series from a workshop @letswastetime.bsky.social and I gave at #DEATHCon on #threathunting with the PEAK framework.
Read at: thorcollective.com/helloooooooo...
#cybersecurity #thrunting #THORCollective
It kicks off a series from a workshop @letswastetime.bsky.social and I gave at #DEATHCon on #threathunting with the PEAK framework.
Read at: thorcollective.com/helloooooooo...
#cybersecurity #thrunting #THORCollective
Reposted by coleman kane
My 8yo, who has watched a ton of WW2-related content, looking over my shoulder:
"Dad why's that man doing a Nazi salute?"
"Dad why's that man doing a Nazi salute?"
January 21, 2025 at 9:55 PM
My 8yo, who has watched a ton of WW2-related content, looking over my shoulder:
"Dad why's that man doing a Nazi salute?"
"Dad why's that man doing a Nazi salute?"
Reposted by coleman kane
Perhaps Pete Hegseth didn’t learn in the Army that when you go in front of a board and they ask you hypothetical questions, you answer directly, with integrity, honor, and personal courage.
January 15, 2025 at 1:06 AM
Perhaps Pete Hegseth didn’t learn in the Army that when you go in front of a board and they ask you hypothetical questions, you answer directly, with integrity, honor, and personal courage.
Me this afternoon, looking at the snow falling
a man in a white tank top walks down a street with the words okay here we go again below him
ALT: a man in a white tank top walks down a street with the words okay here we go again below him
media.tenor.com
January 10, 2025 at 10:18 PM
Me this afternoon, looking at the snow falling
Reposted by coleman kane
The Nick Fuentes situation has to be the fuck around/find out scenario of the year
December 25, 2024 at 7:47 PM
The Nick Fuentes situation has to be the fuck around/find out scenario of the year
Reposted by coleman kane
