Notices by Lesley Carhart :unverified: (hacks4pancakes@infosec.exchange)

This isn’t targeted at anyone in specific - I have had the conversation like 6 times this week,
Americans -
You need a work visa to work in another country, -even remote- unless they allow digital nomad
You can’t just go to most countries on a tourist visa and start looking for a visa sponsor & job

This Threads series is … really a great synopsis of how insane the past 24 hours have been on X since the location feature was switched on and then… quite promptly off 😀😅🫠

https://www.threads.com/@barrettpall/post/DRYI50AknvO

Nobody really knows what screenshots are real or fake, nobody knows what’s just broken on geolocation because X fired their engineers, but a statistically improbable bunch of “American” alt right accounts popped up as created in Thailand and Nigeria.

It’s pretty expected 2025 bananagrams.

In conclusion this is screwing over everyone except five problematic red team “rock star” seniors in a trench coat.

Cybersecurity also isn’t ready for the conversation about how we as an entire industry trick young men into perceiving red team as a way to be legally allowed to be a high tech, vigilante thief and then hire them for crap salaries to write repetitive and futile vulnerability assessment reports.

Women and older career switchers are generally not even exposed to red team as an option of interest that they’d be good at using socialized skills, which is kinda crazy when the most ignored people in society who can pretty much walk in anywhere are older women. Instead we portray it like esports.

Cybersecurity isn’t ready for the conversation about how bad sexism and ageism are in the whole pen test / red team community, or how influencer culture and the saturated market are enabling it to get worse. https://www.linkedin.com/pulse/tryhackmes-advent-cyber-2025-zero-women-creators-look-josh-mason--rz7ie?utm_source=share

I have Medicare for the time in my life.

I can get all the small things I could never get fixed… fixed. I don’t ever have to hoard medicine or give myself stitches again.
I have no idea what happens now. My plans only went to Tuesday. Maybe I do the reserves again, get another degree. I don’t know.

(You should all 👀 when established US hacking cons start losing venues over current politics,)

I have a friend who prefers to stay anonymous who gives this amazing talk in non US (but allied) countries about how long their internet will -really- function if they lose all comms with American data centers and it’s… phew. It’s a thing. Some resilient ones will last a few weeks before certificates expire. But CF is a wrench.

I have an AMA starting now on Reddit. https://www.reddit.com/r/SecurityCareerAdvice/comments/1otznp9/ama_ot_cybersecurity_jobs_training_ot_dfir_stories/

I have this weird, horrible, learned calculus about approving my hundreds of waiting LimkedIn requests. Do I know them? Did they send me a note? Have
I met them? Are they somewhere people want queer people dead? I’m sorry. It’s so hard to know who to trust anymore.

It’s entirely (unfortunately) possible lackluster turnout, disinformation, gerrymandering, and overconfidence cost the bulk of swing states last year. And that reaction to a horrific six months caused this swing. We have to look at every possible cause and the facts to be successful in 2026 and 2028

I know it’s tempting to look at yesterday’s election numbers in America and speculate about lack of 2024 election integrity, but I really caution against doing so without measured skepticism and evidence. Trust in overall election integrity and certification is vital to US stability going forward.

The whole MIT / @GossiTheDog malware study saga is so funny, because aside from the paper absolutely being crazy AI marketing FUD, there’s a crack of accidental admission about the fact that what the industry been hyping this whole time as 📣✨AI✨📣 is just sparkling ML and polymorphism.

The rest of the world is moving on.

This is a good Reddit post about cybersecurity cons for junior people and newcomers, with a lot of good and genuine answers from community friends. https://www.reddit.com/r/cybersecurity/s/YZakYHIwNJ

I taught a live translated class remotely to business people in Japan on OT malware reversing while wearing a kuromi onesie for Halloween, from a friends spare bedroom in a third country if you were wondering how shit is going

I know it’s overwhelming right now, but kick in your rational brain and risk measures and then evaluate if things are the same or as good as they were a year ago, ten years ago, etc. Is this something you would have considered normal or noteworthy? Is this what you’d expect from the gov or media?

This is a natural reaction of your brain to repeatedly seeing horrific things. It will pay less and less attention to those images and have less of a visceral reaction. You can accept horrors.

This is what the fascists want. They want you to accept things continually getting worse and more violent.