https://ricanwarfare.com/ Recent content on ricanwarfare | Cyber & Lab https://github.com/ricanwarfare.png https://github.com/ricanwarfare.png Hugo en Mon, 13 Apr 2026 20:05:21 -0500 https://ricanwarfare.com/labs/proxmox-hardening/ Sun, 15 Mar 2026 10:00:00 -0500 https://ricanwarfare.com/labs/proxmox-hardening/ From fresh install to production-ready. A comprehensive guide to securing your Proxmox homelab. https://ricanwarfare.com/posts/undefend-windows-defender-dos/ Mon, 13 Apr 2026 19:00:00 -0500 https://ricanwarfare.com/posts/undefend-windows-defender-dos/ New tool from the BlueHammer researcher disables Windows Defender signature updates — or the entire engine — from a standard user account. No admin required. https://ricanwarfare.com/cve/bluehammer-windows-defender-lpe/ Sun, 12 Apr 2026 10:00:00 -0500 https://ricanwarfare.com/cve/bluehammer-windows-defender-lpe/ Unpatched local privilege escalation in Windows Defender's signature update mechanism. 7-stage chain from standard user to SYSTEM. No CVE assigned. https://ricanwarfare.com/posts/bluehammer-week-two-still-unpatched/ Sun, 12 Apr 2026 10:00:00 -0500 https://ricanwarfare.com/posts/bluehammer-week-two-still-unpatched/ Nine days after public disclosure, BlueHammer remains unpatched. The SNEK reimplementation has 67+ stars, only 8 of 72 vendors detect the PoC, and MSRC's disclosure breakdown reveals a deeper problem. https://ricanwarfare.com/posts/self-improving-agents-weekly-trio/ Sun, 12 Apr 2026 09:00:00 -0500 https://ricanwarfare.com/posts/self-improving-agents-weekly-trio/ How a three-agent team autonomously audits, consolidates, and hardens its own infrastructure every week — with real results from the latest cycle. https://ricanwarfare.com/posts/bluehammer-deep-dive-update/ Thu, 09 Apr 2026 07:08:00 -0500 https://ricanwarfare.com/posts/bluehammer-deep-dive-update/ A technical deep-dive into BlueHammer's 7-stage exploit chain that weaponizes Windows Defender's own update workflow to achieve SYSTEM privileges. https://ricanwarfare.com/posts/bluehammer-windows-zero-day/ Tue, 07 Apr 2026 22:00:00 -0500 https://ricanwarfare.com/posts/bluehammer-windows-zero-day/ A disgruntled researcher publicly released exploit code for BlueHammer, an unpatched Windows local privilege escalation zero-day. No patch available. https://ricanwarfare.com/cve/cve-2026-35616/ Tue, 07 Apr 2026 15:00:00 -0500 https://ricanwarfare.com/cve/cve-2026-35616/ Critical improper access control vulnerability in FortiClient EMS. Actively exploited before disclosure. https://ricanwarfare.com/posts/fortinet-zero-day-cve-2026-35616/ Tue, 07 Apr 2026 15:00:00 -0500 https://ricanwarfare.com/posts/fortinet-zero-day-cve-2026-35616/ CISA has added CVE-2026-35616 to its Known Exploited Vulnerabilities catalog. Here's what offensive and defensive teams need to know. https://ricanwarfare.com/posts/oauth-gateway-voice-tts/ Tue, 07 Apr 2026 14:00:00 -0500 https://ricanwarfare.com/posts/oauth-gateway-voice-tts/ Migrating from manual OAuth token refresh to Maton gateway, and adding voice responses for messaging platforms. https://ricanwarfare.com/posts/claude-code-review/ Tue, 31 Mar 2026 17:00:00 -0500 https://ricanwarfare.com/posts/claude-code-review/ A practical look at Claude Code (claude.ai/code) for terminal-based AI development, comparing it to other coding assistants and how to integrate it into a homelab workflow. https://ricanwarfare.com/posts/openclaw-personal-ai-assistant/ Tue, 31 Mar 2026 16:55:00 -0500 https://ricanwarfare.com/posts/openclaw-personal-ai-assistant/ How I use OpenClaw to run Clawd, a hierarchical AI assistant that manages my homelab, coordinates subagents, and maintains memory across sessions. https://ricanwarfare.com/posts/local-llm-ollama-guide/ Tue, 31 Mar 2026 16:50:00 -0500 https://ricanwarfare.com/posts/local-llm-ollama-guide/ How to set up, optimize, and integrate Ollama for running local language models in your homelab infrastructure. https://ricanwarfare.com/posts/automating-with-clawd/ Fri, 20 Mar 2026 12:00:00 -0500 https://ricanwarfare.com/posts/automating-with-clawd/ How I built Clawd, a hierarchical AI assistant system to automate homelab operations, security monitoring, and daily workflows. https://ricanwarfare.com/posts/toolshell-sharepoint-apocalypse/ Wed, 04 Mar 2026 19:30:00 -0600 https://ricanwarfare.com/posts/toolshell-sharepoint-apocalypse/ Microsoft dropped CVE-2025-53770 on a Saturday. By the time many teams saw the advisory, attackers were already inside. Here's what you need to know about ToolShell. https://ricanwarfare.com/posts/network-edge-device-crisis/ Wed, 04 Mar 2026 19:15:00 -0600 https://ricanwarfare.com/posts/network-edge-device-crisis/ In 2024-2025, over 20 zero-day exploits targeted network-edge devices. Here's why your perimeter is under siege and what to do about it. https://ricanwarfare.com/posts/react2shell-log4shell-2025/ Wed, 04 Mar 2026 19:00:00 -0600 https://ricanwarfare.com/posts/react2shell-log4shell-2025/ React2Shell (CVE-2025-55182) emerged as a critical RCE vulnerability affecting React Server Components. Here's what you need to know about detection, remediation, and lessons learned. https://ricanwarfare.com/posts/homelab-audit-q1-2026/ Wed, 25 Feb 2026 20:15:00 -0600 https://ricanwarfare.com/posts/homelab-audit-q1-2026/ Quarterly homelab audit covering Signal alert migration, centralized automation, Proxmox disk health findings, and model failover validation for resilience. https://ricanwarfare.com/posts/bash-scripting-syntax/ Sun, 15 Feb 2026 19:40:00 +0000 https://ricanwarfare.com/posts/bash-scripting-syntax/ A concise reference for essential Bash scripting syntax, from variables to functions. https://ricanwarfare.com/posts/defensive-osint/ Thu, 12 Feb 2026 21:20:00 +0000 https://ricanwarfare.com/posts/defensive-osint/ How defenders can use open-source intelligence to find leaked credentials and shadow IT before attackers do. https://ricanwarfare.com/posts/local-llm-exploitation/ Thu, 12 Feb 2026 21:15:00 +0000 https://ricanwarfare.com/posts/local-llm-exploitation/ Analyzing the security risks of self-hosted AI stacks and how to defend against indirect prompt injection. https://ricanwarfare.com/posts/offensive-ai/ Thu, 12 Feb 2026 21:00:00 +0000 https://ricanwarfare.com/posts/offensive-ai/ How Large Language Models are changing the game for red teams and threat actors alike. https://ricanwarfare.com/posts/zero-trust-mindset/ Thu, 12 Feb 2026 20:50:00 +0000 https://ricanwarfare.com/posts/zero-trust-mindset/ Moving beyond the castle-and-moat mentality in modern cybersecurity. https://ricanwarfare.com/posts/hardening-proxmox/ Thu, 12 Feb 2026 20:45:00 +0000 https://ricanwarfare.com/posts/hardening-proxmox/ A guide on securing your Proxmox virtual environment and containerized workloads.