Drew (@bugfire.io) — bluesky.baby

IMO it’s often used as a generic catch all title for those who wear a lot of hats in their jobs such as threat research, malware analysis, detection engineering, etc.

06.03.2026 02:23 👍 1 🔁 0 💬 0 📌 0

You are hitting it hard this week, well done!

06.03.2026 00:19 👍 1 🔁 0 💬 0 📌 0

Wait, AI can’t replace that right?

04.03.2026 00:08 👍 1 🔁 0 💬 1 📌 0

On this episode of Discarded, our team explores how #artificialintelligence is shaping modern #malware analysis and detection workflows.

Listen now on your favorite #podcast platform, and you'll get a balanced view of AI's growing impact on cybersecurity.

🎙️: www.proofpoint.com/us/podcasts/...

26.02.2026 18:57 👍 2 🔁 1 💬 0 📌 0

🤓 Happy to see that my DEFCON talk on crypto money laundering and tracking techniques was featured in the DEFCON 33 Almanac!

Read it here: https://harris.uchicago.edu/sites/default/files/the_def_con_33_hackers_almanack.pdf

16.02.2026 01:12 👍 2 🔁 1 💬 0 📌 0

I started making comics, in part, as a respite from the grind that is cybersecurity.

Only hackers/scammers are everywhere. I’m no @johnhammond.bsky.social but here is my video on how scammers try to take advantage of creators on Kickstarter.

14.02.2026 14:09 👍 3 🔁 4 💬 0 📌 0

This looks very interesting! 👇

09.02.2026 15:14 👍 0 🔁 0 💬 0 📌 0

Spotify – Web Player

Episode 2 of Breach Log is now available! Special thanks to Max Margolis for joining me and telling his story.
If you have a story you'd like to share, get in contact and we can have some fun! breachlogpodcast [@] gmail[.]com
open.spotify.com/episode/4SDz...

08.02.2026 08:29 👍 1 🔁 1 💬 0 📌 0

🤓 Let me introduce you to MoltThreats: The first AI Threat Intel Feed for Ai Agents!

In one week, OpenClaw became a widely used general AI agent. People started to run their own agents all over the world and connect them directly to the internet.

But this […]

[Original post on infosec.exchange]

01.02.2026 20:21 👍 3 🔁 1 💬 1 📌 1

You do an amazing job of staying on top of all these things!

01.02.2026 21:51 👍 0 🔁 0 💬 0 📌 0

Nothing says optimal workout recovery like cream cheese

01.02.2026 01:54 👍 1 🔁 0 💬 0 📌 0

2026-01-31 (Friday): I've posted a new traffic analysis exercise. It's Lumma in the room-ah! Join the fun at www.malware-traffic-analysis.net/2026/01/31/i...

I mean, this guy looks like he's having fun.

31.01.2026 05:58 👍 4 🔁 2 💬 0 📌 0

yolo

29.01.2026 22:48 👍 1 🔁 0 💬 0 📌 0

Screenshot from an infected Windows host showing Remcos RAT and how it is persistent.

2026-01-22 (Thursday): #RemcosRAT infection persistent on an infected Windows host. This was caused by #ClickFix instructions from #SmartApeSG through a fake CAPTCHA page. Details of this #Remcos #RAT infection are available at www.malware-traffic-analysis.net/2026/01/06/i...

29.01.2026 02:36 👍 3 🔁 2 💬 0 📌 0

Practical Threat Hunting for Beginners Learn the core knowledge and practical skills required to perform effective threat hunting in real-world environments.

I've released my new course:
Practical Threat Hunting for Beginners

Similar courses: $$$$
This course: $$

academy.bluraven.io/course/pract...

#ThreatHunting #DetectionEngineering

27.01.2026 22:12 👍 3 🔁 2 💬 0 📌 0

Malware Analysis - Malicious MS Office files without Macros YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 New Video: Can office files be malicious without Macros?

➡️ VSTO Add-Ins
➡️ External Templates
➡️ Checklist for Office analysis
#MalwareAnalysisForHedgehogs
www.youtube.com/watch?v=RtHH...

25.01.2026 07:30 👍 6 🔁 4 💬 2 📌 1

Nice work on this one and how it works with blockchain for storing payloads. Do you have any IOCs for the initial html/javascript from the compromised websites? Thanks!

23.01.2026 21:36 👍 0 🔁 0 💬 0 📌 0

Karsten's samplepedia is a great resource for malware samples and analysis solutions!

23.01.2026 19:18 👍 1 🔁 0 💬 0 📌 0

How quaint that was

23.01.2026 02:12 👍 0 🔁 0 💬 0 📌 0

It keeps you employed

22.01.2026 15:06 👍 1 🔁 0 💬 0 📌 0

Is the 9-5 a thing of the past? 💀 Dhillon Kannabhiran (HITB) says the "hacker ethos" is replacing the corporate ladder. From on-demand bug hunting to working across time zones, the rules of the game have changed.

podcasts.apple.com/us/podcast/e...

21.01.2026 18:01 👍 2 🔁 1 💬 0 📌 0

Hopefully you got most of your birthday back!

16.01.2026 04:56 👍 0 🔁 0 💬 0 📌 0

Is drunk Bajiri good for IR?

16.01.2026 04:25 👍 1 🔁 0 💬 1 📌 0

Nice work, Lenny! I plan to take advantage of this tool.

16.01.2026 04:21 👍 0 🔁 0 💬 0 📌 0

😵‍💫 The Chrome extension ecosystem really is the wild west, and remains largely uncharted territory for security teams. You need visibility into what’s actually running in the browser.

cc: @campuscodi.risky.biz @zackwhittaker.com @bleepingcomputer.com

15.01.2026 21:35 👍 8 🔁 5 💬 0 📌 1

Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain, Author: Brad Duncan

Nice work from @malware-traffic-analysis.net in the ISC diary blog on Lumma scheduled tasks from yesterday: isc.sans.edu/diary/Infect...

15.01.2026 13:11 👍 2 🔁 0 💬 0 📌 0

Good for you, glad it’s helping

13.01.2026 01:42 👍 1 🔁 0 💬 0 📌 0

I always think first about the personality, how well would they fit into the team and work well with others. Assuming some base level of technical expertise is there.

12.01.2026 22:27 👍 0 🔁 0 💬 0 📌 0

Publishing Your Website Content to AI Assistants When people ask AI assistants about your product or project, they often get outdated information. Here's how to publish your static website content directly to AI tools using Cloudflare Workers and th...

I released a tool for making your website or docs easily available to AI assistants via an MCP server. This helps ensure people's AI tooling can access the latest details at the right time. For instance, this is how REMnux users now can get info about its malware analysis tools.

12.01.2026 19:47 👍 1 🔁 2 💬 0 📌 0

Recommending this one, it’s a great idea! 👇

12.01.2026 02:36 👍 1 🔁 0 💬 0 📌 0

Drew

Latest posts by Drew @bugfire.io