@konigstein.bsky.social
Reposted
Don't get too excited about AI's ability to find software vulnerabilities, @rgblights.bsky.social said today — we'll never be able to keep up w/ the patching, esp. for unsupported & poorly maintained software. My report from Google's Cyber Defense Summit: www.cybersecuritydive.com/news/ai-vuln...
September 22, 2025 at 4:00 PM
Don't get too excited about AI's ability to find software vulnerabilities, @rgblights.bsky.social said today — we'll never be able to keep up w/ the patching, esp. for unsupported & poorly maintained software. My report from Google's Cyber Defense Summit: www.cybersecuritydive.com/news/ai-vuln...
They’re just like us fr
Robot meets bollard. Nothing beats the #WorldBollardAssociation
August 23, 2025 at 10:54 PM
They’re just like us fr
Reposted
One thing I'll say about the book, it confirms one of the biggest stories I've ever worked on. The one about sabotage missions inside Russia. Many of you told me I was wrong. I looked right back and said, fuck you, you're wrong.
Only place you can find that story:
web.archive.org/web/20231122...
Only place you can find that story:
web.archive.org/web/20231122...
May 14, 2025 at 2:01 PM
One thing I'll say about the book, it confirms one of the biggest stories I've ever worked on. The one about sabotage missions inside Russia. Many of you told me I was wrong. I looked right back and said, fuck you, you're wrong.
Only place you can find that story:
web.archive.org/web/20231122...
Only place you can find that story:
web.archive.org/web/20231122...
Reposted
NEW from me: A whistleblower says DOGE may have taken sensitive labor data...and then someone posted a threatening letter to his door.
www.npr.org/2025/04/15/n...
www.npr.org/2025/04/15/n...
A whistleblower's disclosure details how DOGE may have taken sensitive labor data
A whistleblower tells Congress and NPR that DOGE may have taken sensitive labor data and hid its tracks. "None of that ... information should ever leave the agency," said a former NLRB official.
www.npr.org
April 15, 2025 at 12:07 PM
NEW from me: A whistleblower says DOGE may have taken sensitive labor data...and then someone posted a threatening letter to his door.
www.npr.org/2025/04/15/n...
www.npr.org/2025/04/15/n...
Reposted
4chan was completely pwned. Email addresses and ips of the mods, captcha tokens, source code, everything.
www.the-sun.com/tech/1402906...
www.the-sun.com/tech/1402906...
Thousands of 4Chan users report issues accessing controversial website
CONTROVERSIAL website 4Chan has gone down for thousands with users unable to access the message board. More than 1,000 users of the site have logged complaints on the Downdetector website, which me…
www.the-sun.com
April 15, 2025 at 12:44 PM
4chan was completely pwned. Email addresses and ips of the mods, captcha tokens, source code, everything.
www.the-sun.com/tech/1402906...
www.the-sun.com/tech/1402906...
Reposted
The arbitrage opportunities for Northern Ireland will be mind-boggling.
US impose 10% tariff on the UK, 20% on EU. Nothing to do with deals, but probably at the lower end of what either were expecting. Add in auto tariffs 25% on top presumably though.
April 2, 2025 at 9:11 PM
The arbitrage opportunities for Northern Ireland will be mind-boggling.
Reposted
You would assume that the development of a senior DOGE figure - a young cybersecurity engineer - briefly becoming a Fannie Mae board member would be seen as a bigger story/mystery with more attention from Congress. But I guess not
March 24, 2025 at 2:38 PM
You would assume that the development of a senior DOGE figure - a young cybersecurity engineer - briefly becoming a Fannie Mae board member would be seen as a bigger story/mystery with more attention from Congress. But I guess not
Reposted
Fascinating look at how deeply surveilled we all are and how dogged law enforcement can follow the tiniest bread crumbs to capture perpetrators they prioritize.
In other news, the person who planted pipe bombs in Washington DC ahead of January 6th is still unidentified.
In other news, the person who planted pipe bombs in Washington DC ahead of January 6th is still unidentified.
How three alleged Tesla vandals got caught
Automatic license plate readers, Instagram captions, and fingerprints.
🔗 www.404media.co/how-three-al...
Automatic license plate readers, Instagram captions, and fingerprints.
🔗 www.404media.co/how-three-al...
March 20, 2025 at 11:18 PM
Fascinating look at how deeply surveilled we all are and how dogged law enforcement can follow the tiniest bread crumbs to capture perpetrators they prioritize.
In other news, the person who planted pipe bombs in Washington DC ahead of January 6th is still unidentified.
In other news, the person who planted pipe bombs in Washington DC ahead of January 6th is still unidentified.
It’s really incredible getting a front row seat to the richest person to ever live admitting that he has no idea how governments work.
March 19, 2025 at 6:23 PM
It’s really incredible getting a front row seat to the richest person to ever live admitting that he has no idea how governments work.
Reposted
"Zen and the Art of Microcode Hacking"
Tragic signature bypass enables custom microcode loading on AMD processors, and a tool to do it. The blog is extremely well written and provides concise explanations of topics mentioned + plenty of resources! A must read.
bughunters.google.com/blog/5424842...
Tragic signature bypass enables custom microcode loading on AMD processors, and a tool to do it. The blog is extremely well written and provides concise explanations of topics mentioned + plenty of resources! A must read.
bughunters.google.com/blog/5424842...
Blog: Zen and the Art of Microcode Hacking
This blog post covers the full details of EntrySign, the AMD Zen microcode signature validation vulnerability recently discovered by the Google Security team.
bughunters.google.com
March 6, 2025 at 2:32 AM
"Zen and the Art of Microcode Hacking"
Tragic signature bypass enables custom microcode loading on AMD processors, and a tool to do it. The blog is extremely well written and provides concise explanations of topics mentioned + plenty of resources! A must read.
bughunters.google.com/blog/5424842...
Tragic signature bypass enables custom microcode loading on AMD processors, and a tool to do it. The blog is extremely well written and provides concise explanations of topics mentioned + plenty of resources! A must read.
bughunters.google.com/blog/5424842...
Reposted
Two stories published Friday reporting that Trump admin had ordered US Cyber Command and CISA to "stand down" on their work to detect/counter Russian cyber threats. But new info has come out to contradict them. I dug into what we know and don't know. www.zetter-zeroday.com/did-trump-ad...
Did Trump Admin Order U.S. Cyber Command and CISA to Stand Down on Russia?
Two blockbuster stories published on Friday that appear to confirm what many Americans suspected would occur under the Trump administration – that the new regime is going to be softer on Russia than p...
www.zetter-zeroday.com
March 4, 2025 at 4:02 PM
Two stories published Friday reporting that Trump admin had ordered US Cyber Command and CISA to "stand down" on their work to detect/counter Russian cyber threats. But new info has come out to contradict them. I dug into what we know and don't know. www.zetter-zeroday.com/did-trump-ad...
Reposted
PPL Exploit PoC : Exploitation of Windows Protected Pro Light by leveraging COM-to-.NET redirection & reflection techniques for code injection: github.com/T3nb3w/ComDo...
Abusing IDispatch for Trapped COM Object Access & Injecting into PPL Processes: mohamed-fakroud.gitbook.io/red-teamings...
Abusing IDispatch for Trapped COM Object Access & Injecting into PPL Processes: mohamed-fakroud.gitbook.io/red-teamings...
GitHub - T3nb3w/ComDotNetExploit: A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for cod...
A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for code injection. This PoC showcases...
github.com
March 3, 2025 at 2:51 PM
PPL Exploit PoC : Exploitation of Windows Protected Pro Light by leveraging COM-to-.NET redirection & reflection techniques for code injection: github.com/T3nb3w/ComDo...
Abusing IDispatch for Trapped COM Object Access & Injecting into PPL Processes: mohamed-fakroud.gitbook.io/red-teamings...
Abusing IDispatch for Trapped COM Object Access & Injecting into PPL Processes: mohamed-fakroud.gitbook.io/red-teamings...
Reposted
Fantastically brutal review of Palantir CEO Alex Karp's new book, The Technological Republic by @lioneltrolling.bsky.social.
www.bloomberg.com/news/article...
www.bloomberg.com/news/article...
February 23, 2025 at 2:07 PM
Fantastically brutal review of Palantir CEO Alex Karp's new book, The Technological Republic by @lioneltrolling.bsky.social.
www.bloomberg.com/news/article...
www.bloomberg.com/news/article...
Reposted
Teenage DOGE worker Edward Coristine is grandson of former KGB spy Valery Martynov who was an officer in Line X - the technical espionage division of the KGB. Martynov became a double agent after FBI recruited him and began feeding Soviet secrets to the Bureau
www.jacobsilverman.com/p/prominent-...
www.jacobsilverman.com/p/prominent-...
Prominent DOGE Staffer Is Grandson Of Turncoat KGB Spy
Edward “Big Balls” Coristine happens to be the descendant of Valery Martynov, a KGB agent who spied for the US.
www.jacobsilverman.com
February 21, 2025 at 7:11 PM
Teenage DOGE worker Edward Coristine is grandson of former KGB spy Valery Martynov who was an officer in Line X - the technical espionage division of the KGB. Martynov became a double agent after FBI recruited him and began feeding Soviet secrets to the Bureau
www.jacobsilverman.com/p/prominent-...
www.jacobsilverman.com/p/prominent-...
Reposted
Russia targeting Signal is a pretty good sign of how important that app is. cloud.google.com/blog/topics/...
cloud.google.com
February 19, 2025 at 10:01 PM
Russia targeting Signal is a pretty good sign of how important that app is. cloud.google.com/blog/topics/...
Reposted
NEW from me:
The Trump administration is moving quickly to roll back long-standing work to counter foreign influence in U.S. elections.
The latest: CISA staff working on disinformation as well as regional election security advisors on administrative leave.
www.npr.org/2025/02/11/n...
The Trump administration is moving quickly to roll back long-standing work to counter foreign influence in U.S. elections.
The latest: CISA staff working on disinformation as well as regional election security advisors on administrative leave.
www.npr.org/2025/02/11/n...
Efforts to fight foreign influence and protect elections in question under Trump
Staffers at the U.S. cybersecurity agency working on countering foreign disinformation and on election security have been put on leave, according to sources who spoke anonymously for fear of reprisal.
www.npr.org
February 12, 2025 at 4:07 AM
NEW from me:
The Trump administration is moving quickly to roll back long-standing work to counter foreign influence in U.S. elections.
The latest: CISA staff working on disinformation as well as regional election security advisors on administrative leave.
www.npr.org/2025/02/11/n...
The Trump administration is moving quickly to roll back long-standing work to counter foreign influence in U.S. elections.
The latest: CISA staff working on disinformation as well as regional election security advisors on administrative leave.
www.npr.org/2025/02/11/n...
Reposted
Any USAID folks working on cybersecurity, infrastructure, technology projects: please feel free to reach out. How will DOGE impact the work you do?
I'm on Signal at JennaMcLaughlin.54.
I'm on Signal at JennaMcLaughlin.54.
February 3, 2025 at 4:39 PM
Any USAID folks working on cybersecurity, infrastructure, technology projects: please feel free to reach out. How will DOGE impact the work you do?
I'm on Signal at JennaMcLaughlin.54.
I'm on Signal at JennaMcLaughlin.54.
Reposted
At 19-24, these brogrammers have not yet achieved full frontal lobe maturity. Is it too much to hope that many of these systems are still COBOL or FORTRAN?
February 2, 2025 at 7:22 PM
At 19-24, these brogrammers have not yet achieved full frontal lobe maturity. Is it too much to hope that many of these systems are still COBOL or FORTRAN?
Reposted
Part 2 of our administrator protection blog is up techcommunity.microsoft.com/blog/microso...
January 29, 2025 at 7:20 PM
Part 2 of our administrator protection blog is up techcommunity.microsoft.com/blog/microso...
Reposted
DeepSeek meme shitposting day
January 28, 2025 at 12:23 PM
DeepSeek meme shitposting day
Reposted
I spent the last month reverse engineering Call of Duty's anti-cheat!
Blog post here: ssno.cc/posts/revers...
Blog post here: ssno.cc/posts/revers...
Reverse Engineering Call Of Duty Anti-Cheat
I’ve been reversing Black Ops Cold War for a while now, and I’ve finally decided to share my research regarding the user-mode anti-cheat inside the game. It’s not my intention to shame or promote chea...
ssno.cc
January 20, 2025 at 9:49 PM
I spent the last month reverse engineering Call of Duty's anti-cheat!
Blog post here: ssno.cc/posts/revers...
Blog post here: ssno.cc/posts/revers...