Posted on Mon 18 March 2024 in Thought • Tagged with security, LLM, AI, mistral, llama2
Because why not? I've already built a couple of LLM-specific focus bots that are truly locally hosted. But, documenting the process? That's new to me. Plus, I aimed for this to be a self-contained/isolated application. So, in this event, I wanted to document the basic setup since I …
Posted on Thu 22 February 2024 in Thought • Tagged with alerts, malware, vulnerabilities, security, IT, devops, sre, lgd
Earlier, I was having a discussion with some friends about what feeds into alert severity. Given our background in cybersecurity, we've seen our fair share of security alerts, but also a fair amount outside of the security domain (think IT, SRE, DEVOPS, Compliance, Business risk, etc.). So, what goes into …
Posted on Mon 19 February 2024 in Thought • Tagged with RE, reverse engineering, macOS, exploit dev, VM, virtual machine
Setting up virtual machines (VM) has always been fun for me, yet it seems to be a practice from the past. When setting up a VM of macOS Sonoma on Apple Silicon, particularly the Apple M1 Max with 64GB of memory, I was in search of …
Posted on Sat 10 February 2024 in Thought • Tagged with RE, decompilers, reverse engineering
I have been delving back into some lower-level code, specifically assembly. The goal is essentially a refresher for me on reverse engineering and exploit development techniques. It has been refreshing to relearn some of the techniques and tooling available today.
Currently, I have been experimenting with …
Posted on Mon 03 April 2023 in Thought, Cybersecurity, Vulnerability Management, CVSS, CVE
The topic of vulnerability management and prioritization has been garnering significant attention lately. Traditional methods of prioritizing vulnerabilities often rely on the Common Vulnerability Scoring System (CVSS) or severity ratings, such as critical, high, medium, and low.
However, CVSS and severity ratings lack context, limiting their effectiveness as prioritization systems …