happy international women's day to trans women in particular

@alex good old days :)

I like ARGO it still comes with CD. 🫣

Are there any #Permacomputing #SolarPunk or #Luddite -adjacent communities in #Brighton -- especially ones that meet in person? Would love to find people locally to mix ideas with.

Honored to be quoted in @techcrunch_official 's latest article on the hijacking of WordPress sites to distribute Windows and Mac malware. It's crucial for website owners to stay vigilant and implement robust security measures.
Read more: https://techcrunch.com/2025/01/29/hackers-are-hijacking-wordpress-sites-to-push-windows-and-mac-malware/

I was expecting a crash, but I guess the system's a bit rusty…

Pretty interesting usecase we found. The malJS injected was like a CTF challenge that ask players to escalate from XSS to RCE.

https://cside.dev/blog/over-5k-wordpress-sites-caught-in-wp3xyz-malware-attack

When to expect next Ivanti 0day?

> My prediction 1 more this quarter.

Quick one: if you're on Wayland (in my case, Sway), and you need to present only a specific window, you can work around missing support here (which seems to be moving on as per https://github.com/emersion/xdg-desktop-portal-wlr/issues/107) by creating a virtual output and mirroring it. Add this file:

$ cat ~/.config/xdg-desktop-portal-wlr/config
[screencast]
max_fps      = 30
exec_before  = wl-mirror "$(swaymsg -t get_outputs | jq --raw-output '[.[] | select(.name | startswith("HEADLESS-"))][0] | .name')"
exec_after   = swaymsg output "$(swaymsg -t get_outputs | jq --raw-output '[.[] | select(.name | startswith("HEADLESS-"))][0] | .name')" unplug
chooser_type = dmenu
chooser_cmd  = swaymsg -t get_outputs | jq --raw-output '.[] | .name' | dmenu

(You'll need wl-mirror and dmenu or similar installed)

And remember to create the virtual output before starting the screen-share:

swaymsg create_output

This will typically create an output to the right of your current setup, but will also assign a workspace to it -- navigate to the workspace to switch to the output, all while keeping the mirrored view on your main output. Ending the screen-share will unplug the output; re-create it whenever you want to start a new share.

Brace yourself bug collisions are coming. #P2OIreland #PWN2OWN

BSIDES London, a few tickets left.
https://www.eventbrite.co.uk/e/bsides-london-2024-tickets-1001295711427

Now you probably know where your pet went. Thank you for such an enlightening debate.

For the past year or so, I've been lugging around the Stanford Encyclopedia of Philosophy on my Kobo eReader; officially, the way to do this is by becoming a friend of the SEP (which you should definitely consider!) and downloading articles as PDF.

The experience with PDF is pretty awful, and so I ended up writing a small script to convert the SEP to ePub:

https://git.deuill.org/deuill/plato-epub

Hope someone else finds this useful!

🔥 Excited to present CalMal (https://github.com/unknownhad/CalMal) at #BlackHatAsia! 🛠️ Our open-source tool uses #MachineLearning for malware clustering and is adaptable for various sandboxes. Check it out 👉 GitHub and join my session 👉 Details (https://www.blackhat.com/asia-24/arsenal/schedule/#malware-clustering-using-unsupervised-ml--calmal-37611).
Let’s meet up for a coffee and talk security! #InfoSec #CyberSecurity

Twitter just doing a "redirect links in tweets that go to x.com to twitter.com instead but accidentally do so for all domains that end x.com like eg spacex.com going to spacetwitter.com" is not absolutely the funniest thing I could imagine but it's high up there

Happy CVE-2024-0001

🚀 Exciting News: We've Launched the Cloud Intel Atomic Indicators API! 🌐

I'm thrilled to announce the release of our latest project - the Cloud Intel Atomic Indicators API. This innovative tool provides updated data on malicious IP addresses, leveraging Cloudflare's powerful infrastructure for maximum efficiency and security.

🔍 What's in it for you?
- Updated data every 24 hours.
- Free access to crucial cybersecurity information.
- Easy-to-use API, detailed in our latest blog post.

🔑 Get your FREE API key now and join us in strengthening cyber defenses!

Read more about how you can use this API and the technology behind it: https://lnkd.in/e6ApxaMG

#CyberSecurity #API #Cloudflare #threatintelligence #cloudsecurity

I just received #TristanPerich’s newest circuit album, “Composition for Three Small Speakers”. This is part of Tristan’s 1-bit music series. https://tristanperich.bandcamp.com/album/composition-for-three-small-speakers

🔒 New RCE Botnet Alert: Akamai's recent blog exposes a Mirai virus spread via zero-days. Interestingly, #AWSAttacks had identified some of these IOCs prior to the blog's release, highlighting the proactive nature of our threat detection.

We're consistently updating our `AWSAttacks` GitHub repository with daily IOC updates, aiding the cybersecurity community in staying one step ahead.

Discover more: https://github.com/unknownhad/AWSAttacks. Your feedback and insights are crucial. Please feel free to email us or contribute by opening a ticket on GitHub.

#CyberSecurity #ThreatIntelligence #MiraiBotnet #Akamai #ProactiveSecurity

#blackfriday deal, it's #free .