Update

After a bit of a hiatus I hope to start blogging more regularly, or at least to get caught up on posting about various topics I have spoken on at recent conferences.  For those who missed it I spoke on script based malware including so-called "fileless" intrusions, and taught a related training at BSides-Pittsburgh in June.  Last week, I co-presented a talk at DerbyCon about hacking maritime SCADA.  I will be working on some posts related to those talks, both technical deep-dives, and sharing some of my experiences with "soft-skill" topics like presenting at conferences, writing CFP responses, talking to reporters, and coordinating ethical disclosure of vulnerabilities.