Disclaimer: Every time I get an unsolicited sales email from a vendor wanting to do an introductory call, and that vendor is already used by my employer, that vendor owes me $20
Blue teamer dabbling in devops. Star Trek > Star Wars.
Strong believer in Hanlon's Razor https://en.wikipedia.org/wiki/Hanlon%27s_razor
Security/devops engineer and architect at a startup. Wearer of many hats.
@sycophantic
Love it, nicely done. At some point I also need details on your Meshtastic and ADS/ACARS stuff. I got a Heltec v3 for MT and a ADS-B antenna for my RTL but want to get something stationary mounted higher up and more powerful for both.
Me Before: "Oh neat, this program needs an update, they probably fixed some bugs and added new features!"
Me Now: "Oh fuck, this program needs an update. They probably put more ads in and moved features behind a paywall."
Given Iran's internet shutdown, is it feasible or even possible for the US gov't to shut down its domestic internet access given A) that private companies provide the service and B) a significant portion of global internet data runs through or is hosted from the US?
Can someone explain why a service would need to do full TLS decryption/inspection just to allow for decisioning on the SNI field? (Assuming no encrypted SNI is present)
@FritzAdalis If only...
Is there a better way to start the day than having meetings cancelled?
SpaceX is building a company town. How far off is this from becoming a form of company scrip?
https://gizmodo.com/amazon-and-walmart-may-issue-their-own-company-crypto-2000615826
When there are reports of "President X holds phone call with Prime Minister Y", are they actually on a phone, or is everything video based now?
Remember the good ol' days when we could just blame Level3?
I finally wrapped up a project that had been on my mind for over a year.
Introducing RBAC ATLAS - 🔗 https://rbac-atlas.github.io
RBAC ATLAS is a curated database of identities and the Role-Based Access Control (RBAC) policies tied to them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios (inspired by classics like GTFOBins and LOLBAS).
Why does RBAC matter?
RBAC is the last line of defense in Kubernetes security. If a workload gets compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (often seen with Operators) can let an attacker move laterally through the cluster — potentially leading to a full takeover. Alongside RBAC ATLAS, I’ve also been working on a tool called RBAC Scope — a static analyzer that checks RBAC policies against 100+ rules to flag risks and abuse scenarios. It’s built to be flexible and open for contributions, so the community can create their own rules. I’ll be releasing that project soon as well!
In the meantime, if you're curious to learn more — or want to invite me to speak at your conference — feel free to reach out. I’ll be talking about these tools at the Red Team Village during DEFCON 33.
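The post above describes static analysis of RBAC policies that flags risky grants. As an added illustration (not code from RBAC ATLAS or RBAC Scope), here is a small checker of that kind: it runs a handful of constructed rules over Role/ClusterRole manifests expressed as Python dicts, honouring the `*` wildcard in each field. The check IDs, the sample role names and the sample policies are all made up for the example.

```python
"""Constructed example: a minimal static checker for Kubernetes RBAC rules.

Not RBAC Scope or RBAC ATLAS code. Check IDs, sample roles and their names
are invented for illustration; the PolicyRule shape (apiGroups, resources,
verbs) is the real Kubernetes RBAC schema.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    check_id: str
    role_name: str
    rule_index: int
    description: str


def _allows(listed, wanted):
    """A field matches if it lists the exact value or the '*' wildcard."""
    return "*" in listed or wanted in listed


def grants(rule, api_group, resource, verb):
    """Does one PolicyRule dict grant `verb` on `resource` in `api_group`?"""
    return (_allows(rule.get("apiGroups", []), api_group)
            and _allows(rule.get("resources", []), resource)
            and _allows(rule.get("verbs", []), verb))


def _any(rule, triples):
    return any(grants(rule, g, r, v) for g, r, v in triples)


# Constructed check catalogue: (id, description, predicate over one PolicyRule).
# For a namespaced Role the blast radius is one namespace; for a ClusterRole
# bound cluster-wide the same grant applies everywhere.
CHECKS = [
    ("RBAC-001", "wildcard on apiGroups, resources and verbs (cluster-admin equivalent)",
     lambda r: all("*" in r.get(k, []) for k in ("apiGroups", "resources", "verbs"))),
    ("RBAC-002", "can read Secrets (credential theft, token reuse)",
     lambda r: _any(r, [("", "secrets", v) for v in ("get", "list", "watch")])),
    ("RBAC-003", "can exec into pods (code execution inside other workloads)",
     lambda r: grants(r, "", "pods/exec", "create")),
    ("RBAC-004", "bind/escalate on roles (privilege escalation through RBAC itself)",
     lambda r: _any(r, [("rbac.authorization.k8s.io", res, v)
                        for res in ("roles", "clusterroles")
                        for v in ("bind", "escalate")])),
    ("RBAC-005", "can create workloads (pods may run under any ServiceAccount in scope)",
     lambda r: _any(r, [("", "pods", "create"), ("apps", "deployments", "create"),
                        ("apps", "daemonsets", "create"), ("batch", "jobs", "create")])),
    ("RBAC-006", "can impersonate users, groups or service accounts",
     lambda r: _any(r, [("", res, "impersonate")
                        for res in ("users", "groups", "serviceaccounts")])),
]


def analyze(role):
    """Run every check against every rule of a Role/ClusterRole manifest dict."""
    name = role.get("metadata", {}).get("name", "<unnamed>")
    findings = []
    for idx, rule in enumerate(role.get("rules", [])):
        for check_id, description, predicate in CHECKS:
            if predicate(rule):
                findings.append(Finding(check_id, name, idx, description))
    return findings


def finding_ids(role):
    """Sorted, de-duplicated check IDs triggered by a role (handy for reports)."""
    return sorted({f.check_id for f in analyze(role)})


# Constructed sample manifests (names and grants are invented).
OPERATOR_ROLE = {
    "kind": "ClusterRole",
    "metadata": {"name": "example-operator"},
    "rules": [
        {"apiGroups": [""], "resources": ["secrets", "configmaps"], "verbs": ["get", "list", "watch"]},
        {"apiGroups": ["apps"], "resources": ["deployments"], "verbs": ["*"]},
        {"apiGroups": ["rbac.authorization.k8s.io"], "resources": ["clusterroles"],
         "verbs": ["create", "escalate"]},
    ],
}
METRICS_ROLE = {
    "kind": "ClusterRole",
    "metadata": {"name": "example-metrics-reader"},
    "rules": [{"apiGroups": [""], "resources": ["pods", "nodes"], "verbs": ["get", "list", "watch"]}],
}
ADMIN_ROLE = {
    "kind": "ClusterRole",
    "metadata": {"name": "example-wildcard"},
    "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}],
}

if __name__ == "__main__":
    for role in (OPERATOR_ROLE, METRICS_ROLE, ADMIN_ROLE):
        for f in analyze(role):
            print(f"{f.role_name} rule[{f.rule_index}] {f.check_id}: {f.description}")
```

The checks deliberately treat `verbs: ["*"]` on `deployments` as a workload-creation grant, because a wildcard verb list includes `create`; that is the kind of "looks narrow, is broad" rule that a reviewer skims past in an Operator's ClusterRole.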
Something something Posse Comitatus Act
https://en.wikipedia.org/wiki/Posse_Comitatus_Act
Them: We're an open source company!
Us: Here's a long-running issue thread that's been open for the past 7 years and has more interactions/votes than any feature you've ever added.
Them: We just don't understand why you'd want to use it that way
@accidentalciso Good point, time to schedule a meeting to make the strategy actionable.
@mttaggart I forget where I heard/read it, but it went something like "...if a single email or USB drive in an end-user system can take down your entire organization, the problem is not with the user, email, or USB drive."