Lightnews — Scholar-powered news

Bajiri @bajiri.bsky.social · 2h

First thing with calories I’ve consumed all day

Bajiri @bajiri.bsky.social · 4h

- Responding to events
- Automating Security Operations
- Applying lab work to a professional career

This was just off the dome, so it will change when I actually start writing things out. But this is my general project outline atm. I'm gearing this more towards students/learners.

1 2

Bajiri @bajiri.bsky.social · 4h

Subject to change:
- Highlight the need for practical hands-on experience
- Difficulty of getting access to enterprise tools
- High-cost solutions vs low-cost solutions
- Actual configuration of tools
- Things intentionally excluded from this project
- Detection engineering the SOC

1 2

Bajiri @bajiri.bsky.social · 4h

Talk outline draft done?

Now to see if I actually finish it

1 1

Bajiri @bajiri.bsky.social · 7h

Nothing makes you feel more like a cryptid than going to your old college and all the students know you

I left one of the talks they were doing because I was disrupting it with people talking to me and asking questions lol

2

Bajiri @bajiri.bsky.social · 7h

Forgot to bring my lactose pills with me today. I’ll be out all day in St. Paul, and won’t be able to eat anything 😭

Guess my calories will again be coming from alcohol 💀

Bajiri @bajiri.bsky.social · 8h

Great time at @bsidestc.org yesterday!

It was my first talk and I didn't completely bomb it! It was also kind of addicting, and I'm planning out another talk. Maybe for secretcon next year 👀

I put my slides up on my blog if anyone wants to get a copy: alertoverload.com/posts/2025/1...

BSides TC Talk: Click, Paste, Compromise: Unpacking ClickFix

alertoverload.com

1 3

Bajiri @bajiri.bsky.social · 8h

A malware wall of shame is such a good idea. I might have to make my own 🤣

1 1

Bajiri @bajiri.bsky.social · 18h

It's operational now, with agents deployed, but it hasn't been configured for anything. There's no automation in place either. Still a lot of work to do.

I'm planning on throwing some agents on my sandbox and doing some detection engineering on all the malware I leave running lol

1 1

Bajiri @bajiri.bsky.social · 19h

Wazuh for SIEM, Velociraptor for EDR, DFIR-IRIS as a ticketing system, and Shuffle for automation.

I have plans to add in a cmdb, misp, and a few other things.

Some things are FOSS*, but most are legit.

*Paid enterprise version available, but self hosting options with public source.

2 1

Bajiri @bajiri.bsky.social · 19h

Already planning another talk 💀

"Building a SOC in a garage. With a box of scraps."

Based on one of my current projects. Simulated SOC based on everything I'd want as a soc analyst. Using only FOSS tools.

Still working out details, but I think this could be fun topic.

2 2

Bajiri @bajiri.bsky.social · 20h

SLC Punk is a movie I think every young person should watch at least once

www.youtube.com/watch?v=RIge...

Slc Punk

YouTube video by YouTube Movies

www.youtube.com

1

Reposted by Bajiri

CYBERWARCON @cyberwarcon.bsky.social · 1d

We're excited to have Kaitlin Martin join us this year!

Her talk, "Is Your North Korean IT Worker Quiet Quitting?", will map TTPs + demonstrate how illicit earnings from North Korean IT Workers are funneled to Pyongyang.

Check out her full bio + talk description!

www.cyberwarcon.com

1 2

Bajiri @bajiri.bsky.social · 1d

Shouting out the blog on every slide pays off lol

1

Bajiri @bajiri.bsky.social · 1d

I did shout out the blog a lot, but I didn't add the disclaimer that half of those articles are written or started while intoxicated.

The quality of each post varies quite a bit.

1