About

I’m Tess, better known online as killrbunn3.

I work in cybersecurity as a researcher and practitioner, with a focus on how real attacks happen, why they succeed, and how defenders can respond without unlimited budgets, perfect tooling, or ideal conditions. My writing and research center on translating active threats — ransomware, malware families, zero-day vulnerabilities, and state-aligned activity — into language that is technically accurate, operationally useful, and grounded in reality.

I’m especially interested in the human edge of security: how insider threats emerge, how users become attack vectors without malicious intent, and how defenders can build resilience instead of blame.

What I Write About

My work spans both technical analysis and practical defense, often bridging the gap between threat intelligence and day-to-day security operations. Topics I regularly cover include:

  • Ransomware ecosystems and attacker tradecraft
  • Malware families and historical context (RATs, loaders, MaaS)
  • High-impact vulnerabilities and zero-days (Log4Shell, Follina, PrintNightmare)
  • Insider threats, credential abuse, and access misuse
  • Budget-constrained security strategies for small and mid-sized organizations
  • Censorship resistance, privacy tooling, and secure communications
  • Nation-state and state-aligned threat activity, particularly Russian APTs

Across this work, I aim to answer one core question: What actually matters when you’re on the hook to defend something real?

Selected Writing & Research

A selection of my published work is available in the ‘posts’ section of this site, and includes:

  • Bad Luck: BlackCat Ransomware Bulletin — analysis of BlackCat/ALPHV tradecraft, affiliate behavior, and mitigation strategies
  • Drawing the RedLine: Insider Threats in Cybersecurity — a deep dive into RedLine malware and the broader reality of insider risk
  • Follina Zero-Day Vulnerability Breakdown — technical analysis, detection guidance, and remediation strategies
  • Log4J / Log4Shell Breakdown — impact assessment and operational response guidance during active exploitation
  • PrintNightmare Analysis — privilege escalation mechanics and real-world defensive considerations
  • History of Malware: Remote Access Trojans (RATs) — historical and modern context for one of the most persistent malware categories
  • How to Protect Yourself from Ransomware on a Budget — pragmatic security guidance for organizations without enterprise-scale resources
  • Under the Wire: Evading Censorship & Protecting Sensitive Information — tools and techniques for secure communication under hostile conditions
  • Weathering Russian Winter: The Current State of Russian APTs — threat actor history, tactics, and defensive implications
  • Yet Another Hacker Summercamp Survival Guide — a grounded, human-centric look at navigating security conferences safely and sustainably

Approach & Philosophy

I don’t write to sensationalize threats or chase headlines. I write to document how things actually work — including the messy parts.

Security doesn’t happen in a vacuum. Attackers reuse tools. Defenders inherit technical debt. Users make mistakes. Budgets are finite. My goal is to help practitioners recognize patterns, prioritize realistically, and build defenses that hold up outside of whitepapers and demos.

I value curiosity, accessibility, and community knowledge-sharing, and I believe that good security writing should be understandable without being simplified into uselessness.

Elsewhere

You’ll usually find me online under killrbunn3, whether I’m writing, researching, attending conferences, or contributing to community discussions. If you’re into knitting, I even post my projects on socials sometimes!

This site serves as a home for my longer-form work, projects, research notes, and writing that doesn’t fit neatly into social media or vendor blogs.