Kevin Beaumont
@doublepulsar.com
cybersecurity weather man. scanning the horizons for cloudy cyber. Expert at nothing except computer rubbish. Anti-ransomware since 2015.
these guys have $70m in VC investment and can't afford a graphic designer for a day
November 10, 2025 at 4:17 PM
indeed, just calmly take appropriate measures, i.e. do some work. The cyber industry is not good at being calm, or doing work.
November 10, 2025 at 1:25 PM
Windows XP end of life
Windows 7 end of life
Windows Server 2003 end of life
Windows Server 2008 end of life
I still regularly see them in businesses and it turns out, it is not the end of the world.
ALT: a man standing in front of a crowd with the words everybody panic
November 10, 2025 at 1:24 PM
LinkedIn, pass the bong.
November 7, 2025 at 4:40 PM
Ars Technica’s coverage is excellent by the way, as they took the time to check what the report said rather than jizzing in their pants. arstechnica.com/security/202...
5 AI-developed malware families analyzed by Google fail to work and are easily detected
You wouldn’t know it from the hype, but the results fail to impress.
arstechnica.com
November 7, 2025 at 10:40 AM
LinkedIn has predictably gone full cyberslop.
November 7, 2025 at 10:32 AM
About 70% of orgs still haven't patched those Cisco ASA vulns btw. If I was a ransomware group I'd invest in n-day (old) Cisco ASA AnyConnect vulns, as vast majority of orgs don't bother patching as they're too busy having a mass wank about quantum and AI risks.
cyberplace.social/@GossiTheDog...
November 6, 2025 at 11:35 PM
If anybody is wondering, that CBO.gov Cisco ASA box is offline now, if you try browsing to it via IP. It is on @shodanhq.bsky.social timeline mode.
November 6, 2025 at 11:31 PM
So it's a bit too punk rock for the mainstream on BlueSky but on Mastodon I publish scan data for high profile vulns nowadays. It's been wild. I had threads for AttorneyGeneral.gov being unpatched and then owned via CitrixBleed2 (became a ransomware incident) and many others. Fave was the NSA.
November 6, 2025 at 11:19 PM
The CBO got hacked via this, it's China. They hadn't patched for over a year. www.washingtonpost.com/business/202...
Congressional Budget Office believed to be hacked by foreign actor
The Congressional Budget Office formulates economic projections for lawmakers, and every bill taken up in either chamber of Congress gets a CBO “score” of how much it would add to the national debt.
www.washingtonpost.com
November 6, 2025 at 11:12 PM
the data is public if anybody wants it, I haven't updated for a month github.com/GossiTheDog/...
November 6, 2025 at 11:11 PM
This isn’t a shitpost btw, I’ve been getting all of Safe Security’s content and having it analysed for GenAI usage.
Essentially, Safe Security are a vomit machine of AI slop. GenAI is then training on the content, to output more cyberslop.
November 6, 2025 at 8:59 PM
Also aside from the research, the entire website is things like this.
November 6, 2025 at 8:53 PM
There’s a bit rabbit hole here btw. In particular, take a look at Safe Security’s research. It’s.. well, Pandora’s box of problems.
November 6, 2025 at 8:52 PM