Archive - Damien’s Substack

Nothing Funny About It...

Threat Hunting for Living off the Land Binaries (LoLBins)

Jul 2 •

June 2025

Haveibeenpwned?

16 billion credentials, and I had just rotated my passwords…again

Jun 23 •

"The noise isn't false positives, it's all the stuff you're taking action on that didn't need action in the first place."

Signal to Noise: An Interview with Carl Steeves, Deputy CISO at Shutterfly

Jun 16 •

Finding the Needle Within the Needles

Signal to Noise Interview with Nick Bruno, CISO and SVP of IT at SHL

Jun 9 •

Vibe Coding + Cybersecurity: The Good, The Bad, and The Ugly

Stop treating AI-generated code like it's production-ready just because it runs

Jun 3 •

May 2025

Threat Hunting the DPRK's Remote Workers

Unmasking North Korea’s Stealthy Remote‑Access Tradecraft

May 27 •

Controlled Chaos: How Coinbase Turned a Breach into a Blueprint

A masterclass in breach disclosure and trust building in the face of $100s of millions in damages

May 19 •

Threat Hunting for AI-Generated Malware: A Practical Framework

Let’s go (threat) hunting today…

May 12 •

Vibe Coding Our Way to a Breach

Is the Future of Dev a Shortcut to Supply Chain Risk?

May 5 •

April 2025

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts