Tony/Humpty (CJ)

@c-b.io

Lead SOC analyst | Malware enjoyer | Horrible dev

180 Followers | 544 Following | 57 Posts | Joined 18.10.2024

Latest posts by Tony/Humpty (CJ) @c-b.io

Getting SaaSy with SIEMs - Introduction - Humpty's Blog A field guide for SOC analysts drowning in SaaS audit logs. Learn how to turn nested JSON chaos into usable detections: normalization, stacking, common SaaS logging pitfalls, and how to avoid the clas...

New blogpost is out! This time we're getting SaaSy 💅
c-b.io/getting-saas...

26.01.2026 23:17 👍 1 🔁 0 💬 0 📌 0
Incident Response Chaos Club Incident Response Chaos Club - embracing the chaos of cybersecurity through DFIR, incident response, and security research.

Yo! Kinda forgot to post here but I created irchaos.club.

I'll let y'all discover it :)

25.10.2025 04:35 👍 6 🔁 5 💬 0 📌 1

Extremely grateful to have had the opportunity to not only give my first talk today but to do so alongside Josh Reynolds from @invokereversing.bsky.social

In case you missed it, you can find our slides on GitHub here github.com/CoveoSec/tal...

06.10.2025 02:31 👍 2 🔁 1 💬 0 📌 0

Had a fantastic turnout for our talk at BSides Toronto about the scavenger malware today! Huge thanks to @c-b.io for co-presenting and thank you to everyone for attending!

05.10.2025 21:03 👍 5 🔁 1 💬 1 📌 0

A reminder that @c-b.io and Joshua Reynolds will be speaking at BSides Toronto this Sunday (Oct 5th) at 11:45AM about the Scavenger NPM supply chain attack. See you there!

29.09.2025 19:53 👍 1 🔁 2 💬 0 📌 0

We are excited to announce that our founder Joshua Reynolds and @c-b.io have been accepted to speak at BSides Toronto with their talk titled "When Prettier Gets Ugly: The Scavenger Supply Chain Campaign" more info here: pretalx.com/bsides-toron...

17.09.2025 14:44 👍 1 🔁 1 💬 0 📌 0
Scavenger Malware Distributed via num2words PyPI Supply Chain Compromise Technical blog detailing the num2words v0.5.15 PyPI supply chain compromise used to distribute Scavenger malware

IT HAPPENED AGAIN

invokere.com/posts/2025/0...

@invokereversing.bsky.social is on FIRE

28.07.2025 19:26 👍 1 🔁 1 💬 0 📌 0
Scavenger Malware Distributed via eslint-config-prettier NPM Package Supply Chain Compromise Technical blog detailing the eslint-config-prettier supply chain compromise used to distribute Scavenger malware

We did a full technical blog on the NPM eslint-config-prettier supply chain compromise that was used to distribute the Scavenger malware with @c-b.io check it out! invokere.com/posts/2025/0...

21.07.2025 17:17 👍 1 🔁 1 💬 0 📌 0
2025-06-29 - Supper is served - Tony/Humpty's RE blog Recommend song to listen to while reading: If you find something off with what I say, please let me know. I'll gladly amend my content and credit you for the fix. Some thanks in alphabetical order

Hey folks! Here's my first technical deep-dive into a PE malware sample that touches on why including more information/proofs in threat intelligence reports is important.
c-b.io/2025-06-29+-...

29.06.2025 23:18 👍 2 🔁 2 💬 0 📌 0
Rethinking Deception: Why We're Moving from Product to Enablement After years of building deception technology and watching SOC teams struggle with yet another dashboard, we've made a fundamental shift in how we deliver cyber deception.

Yo nerds, if you're thinking about deploying canaries please read this

deceptiq.com/blog/rethink...

07.06.2025 19:07 👍 0 🔁 0 💬 0 📌 0
The so-called Department of Government Efficiency: We saved $1M per year by converting 14,000 magnetic tapes (70 year old technology for information storage) to permanent modern digital records

YOU DID WHAT?

07.04.2025 03:05 👍 5153 🔁 1000 💬 309 📌 620

In sum: an economically illiterate "conservative" institutes the biggest tax hike in history in an effort to revive the policies that led to the Great Depression.

Cool.

02.04.2025 23:00 👍 962 🔁 137 💬 19 📌 3
Post image
27.03.2025 16:03 👍 0 🔁 0 💬 0 📌 0
RedTiger Stealer (Malware Family) Details for the RedTiger Stealer malware family including references, samples and yara signatures.

Got a new family added to malpedia nerds

malpedia.caad.fkie.fraunhofer.de/details/py.r...

23.03.2025 21:15 👍 1 🔁 0 💬 0 📌 0

Just turn off bluetooth to avoid BLE spam from skids lol

17.03.2025 16:04 👍 0 🔁 0 💬 0 📌 0
Analyzing the RedTiger Malware Stealer Today we'll dive into a fresh malware stealer dubbed RedTiger, a sample targeting personal user data, particularly Discord tokens, browser-stored credentials, an...

Another day, another stealer
c-b.io/blog/redtige...

16.03.2025 21:22 👍 1 🔁 0 💬 0 📌 0
SOC Analyst | Province of Quebec (Canada) | Coveo Here you'll find jobs in corporate cybersecurity, business law, corporate law, labor law, compliance and others!

CALLING ALL INCIDENT RESPONSE NERDS, MY TEAM IS LOOKING FOR A FRIEND

www.coveo.com/en/company/c...

16.03.2025 14:43 👍 0 🔁 0 💬 0 📌 0

I think people with humility just don't post often at this point. There's just no point. Assholes are often the loudest

04.03.2025 01:15 👍 0 🔁 0 💬 0 📌 0
Dissecting a fresh BlankGrabber sample BlankGrabber is nothing new. It's been documented by multiple companies such as ThreatMon, K7Security and has even had its source code disclosed on GitHub. So w...

Hello fellow nerds, here's my latest blogpost on how BlankGrabber targets Discord by injecting malicious JS to steal credit card info

c-b.io/blog/dissect...

16.02.2025 06:14 👍 0 🔁 0 💬 0 📌 0

Does anyone know what's up with these brand spanking new youtube accounts posting bogus seed phrases here?
What's the scheme?
🤔

14.01.2025 04:31 👍 0 🔁 0 💬 0 📌 0

Yeah last summer was pretty fucked. We could easily see the fires from NOAA sats

10.01.2025 05:18 👍 1 🔁 0 💬 0 📌 0

FWIW Quebec also has multiple deals in place with a few US states where we send HydroQuebec guys (linemen) to help when disaster strikes and power needs to be restored ASAP. We're fairly big on mutual aid.

10.01.2025 05:08 👍 6 🔁 0 💬 1 📌 0

I'm always amazed at the confidence some people have. Even _I'm_ smart enough to know when I don't know something and lord knows I'm far from being smart

03.01.2025 20:56 👍 0 🔁 0 💬 0 📌 0

Phooooomp

25.12.2024 17:59 👍 11 🔁 1 💬 0 📌 0

Wishing everyday some resting and incident free holidays ❀️

25.12.2024 17:35 👍 0 🔁 0 💬 0 📌 0

I will keep on living in denial and only believe there's two.

25.12.2024 01:11 👍 0 🔁 0 💬 1 📌 0

I didn't believe it but holy shit, whose idea was it to make 6?!

25.12.2024 01:06 👍 0 🔁 0 💬 1 📌 0

I like VPNs for privacy purposes. @mullvad.bsky.social makes some fucking cool shit

20.12.2024 03:36 👍 9 🔁 0 💬 1 📌 0

Of course I won't, got too many blogposts to publish 😁

17.12.2024 14:54 👍 1 🔁 0 💬 1 📌 0