Tod Beardsley
todb2.hugesuccess.org
Shmethical #Hacker. #Research mucky-muck at @runzero. #Election worker. #CVE bagman. #Metasploit collaborator. Briefly a fed. Anti-Fascist. #FriendofDeSoto. #Podcaster […] 🌉 bridged from ⁂ https://infosec.exchange/@todb, follow @ap.brid.gy to interact
[USPol]

The gigantic and obvious Hatch Act violation that is the USDA shutdown notice continues, and is frankly breathtaking in its naked partisanship.

https://www.usda.gov/shutdownplans

So gross.
Reposted by Tod Beardsley
New sticker drop just in time to REALLY disappoint some neighborhood trick or treaters

design by one of my innumerable children
Reposted by Tod Beardsley
Just like chocolate and peanut butter, runZero and BloodHound are an amazing combination. Today we are introducing runZeroHound - an open source toolkit for bringing runZero Asset Inventory data into BloodHound attack graphs, using the brand new OpenGraph […]

[Original post on infosec.exchange]
I fixed an electrical problem in my truck. I used a multimeter. I’m very proud of this butch feat.

I also put in for a couple @bsidessf proposals for fun infosec talks, dozens of hours before the deadline

all in all a pretty good Sunday.
Hmm. I have a sudden influx of targeted spam/scam email that's addressing me as "Jessica" to my long-standing personal email address (which isn't named Jessica).

I wonder who Jessica is, why they used todb at packetfu dot com.

I have a dim recollection […]

[Original post on infosec.exchange]
@hrbrmstr you gave away dark mode for free?!

;)
@pluralistic saw your book on display today in Alpine, Texas. Front Street Books.
When a chatbot joins your live Zoom webinar and starts bullying the hosts.

runZero Hour from @runZeroInc never ceases to entertain.
So #cisa has reverted back to just calling this month CASM, huh.

Cool. Caring about acronym collisions is too DEI woke I guess.

(As an industry we tried to sidestep this with **National** Cyber Security Awareness Month, or NCSAM, but I guess CISA isn't on board with that any more.) […]
Original post on infosec.exchange
RE: https://infosec.exchange/@runZeroInc/115372914426473099

Welp, today is the day of the #winpocolypse -- unless you pay up with money or data.

https://www.microsoft.com/en-us/windows/extended-security-updates

Note the consumer level ESU (extended support updates) won't work if your Win10 […]
Original post on infosec.exchange
@g this graph is mislabelled. The NVIDIA block is two blocks up from that block.

NVIDIA has a market cap north of $4 trillion. If this one company were itself an entire industry sector, that would make it the fifth most capitalized sector in the US.

this-is-fine.png
Reposted by Tod Beardsley
While you're convincing your org to block a few ASNs, perhaps also consider banning commercial VPNs from at least talking to your remote access gear.
Oh no, that’s not a great idea…

https://www.reddit.com/r/OutOfTheLoop/s/MPeThS9dhs

Win7 is seeing a resurgence? Really?
Listening to Brooke Gladstone read ad copy for AI slop generators at about 17m30s this week is really jarring.

I kept waiting for the “and here’s why that’s bad” coda, which never came.

#onthemedia

https://podcasts.apple.com/us/podcast/on-the-media/id73330715?i=1000729978646
Jamelle Bouie Says Your Fear of Trump Isn't Helping. Plus, Humphrey Bogart’s Betrayal.
Podcast Episode · On the Media · 10/03/2025 · 50m
Hey, now that #cisa 2015 is done and over (no not that CISA, the other CISA) does this make you less likely to voluntarily provide IOCs, TTPs, etc with the feds? DM me, especially if you're interested in talking with a journalist who's covering the ending of CISA 2015.

(it really sucks that […]
Original post on infosec.exchange
I especially like how biotech and pharma is classed in NAICS under "Wood, Paper, and Chemicals Manufacturing" (NAICS prefix 32). When I saw that, I assumed it was all lumberjacks and Dunder Mifflin and, I dunno, toxic waste barrels.

But nope, real and critically serious companies like Pfizer […]
Original post on infosec.exchange
[USPol]

welp won’t be needing these any more

(spotted at a law firm I was hanging out in today)
Reposted by Tod Beardsley
Just published episode 70, our discussion of a tale of corpse-snuggling, "The Loved Dead," by HP #lovecraft but actually by #cmeddy, first published in the May/June issue of Weird Tales.

You're going to want a cold shower after this one. Especially if you're […]

[Original post on defcon.social]
@jerry working on this vuln disclosure gave me comfort that a Terminator-style human-cyborg war will be trivially easy to overcome with people like Bin4ry and h0stile on the human side.

(for more detailed writeup of the technicals, btw, see […]
Original post on infosec.exchange
Okay I think I'm getting the hang of actually publishing GCVEs.

Anyway, @AustinHackers just published a new #unitree robotics bug. Read up on these, especially if you're the sort of person that uses Unitree robots to do dangerous stuff with guns and bombs and such. TL;dr: Mass mind-control on […]
Original post on infosec.exchange